They explicitly mention Briar as an example of adding extra security layer, unlike Signal, Wicker etc.
Some apps, such as Briar, may choose to implement their own password input screen which allows them to tie the decryption of the app data to a user password as well as the Keystore key, but these apps seem to be in the minority. Password recovery for Briar via methods such as brute-force or dictionary attacks is possible within Oxygen Forensic® Detective.
I think TPM on Pixel devices protect against this attack.