The PIN can be longer than four digits. Signal also guards against this with safety numbers; if someone takes over an account, every contact will see that the safety number has changed and should consider that the account may be compromised until verifying out of band.