I think this post about easily decrypting your home directory is a good overview (I never tried it, don’t know if it works):
If it’s true, then Jolla strongly needs to consider adding the ability for either a separate boot passphrases, or allowing passphrases in addition to PINs. Either should be a very simple implementation.