You are not limited to four digits.

I see. Is there a limit? Does it approach 128 bits?

"Over 90 characters" [1]. At roughly 5 bits per character, that puts it at more than 450 bits.

[1] http://www.engadget.com/2014/03/05/how-to-set-up-a-complex-p...

Nice!

Of course this isn't ever actually used - in practice users choose four to eight digit passcodes.

Users should, if they want to secure their information, use a randomly chosen passcode of approximately 30 digits long.

You can choose to set a complex password which can be as long as you want and use the full keyboard

How difficult is it to configure this? Users should definitely choose passphrases of sufficient length and sufficient types to be secure. This is unfortunately an infamously tricky area of security to get right - and the password ought not be reused or used for the Apple Id login or anywhere else.

Did you factor in the possibility that after ten fails the device is wiped?

This would be for a cryptographic attack - not someone with the hardware.