The way it works is that the code phrases are used to do a key exchange (PAKE), which means that the only way they're useful to an adversary is if someone is able to MITM your connection and guess the passphrase. The presumption is that this is unlikely enough that you should see a bunch of incorrect passwords and abort, knowing something is wrong, before someone is able to successfully MITM you.

I admit I'd rather see a longer default passphrase too, but fortunately this is adjustable on the sender's end of the connection, so you can choose a longer one if you'd like.