Why did Ledger decide to limit PIN to four digits? I bet many users will use the same PIN as one of their credit cards. Increasing the PIN to five digits would be so much more secure. I hate the idea of a thief getting even a one in a thousand chance to guess the PIN.
that's pretty arbitrary - it'd be fairly easy to support a dynamic size, especially with no modification on the application logic since everything is done on device. I'll see if we can push this in the first firmware release.
Down on the to-do list, any chance of seeing the distress wipe PIN return for the command line script