I do not know why you are blabbering in the answer mate. PIN and password is not a security feature to avoid the scam and hacking mate. If you have the 2FA, private key and security phrase secured you will be able to keep your wallet safe mate.
In android wallet you can see blockchain wallet and mycellium seems much secured than other wallets mate.
In fact, wallets that contain 2FA are just the web wallets as blockchain info which helps to ensure more security but I would not trust my whole money in a web wallet, PIN and password are not a feature that helps protect you from hackers? so why do not you dare leave your wallet without a password? Obviously you would not do this, put a password easy to be broken as "123456" the programs that have brute fource break the encryption in a follow... that's what I'm saying about the need for a strong password to give your coins more protection.