I think in “the user passphrase can be changed in settings (but yes, for now it’s numbers only)” Dorota is talking about the login password that is associated with the purism user i.e. the password used to unlock the phone after initial boot and thereafter any time the lock screen activates.
That is quite separate from the disk encryption passphrase (the LUKS passphrase) that is used during the boot to access the content of an encrypted disk.
The only restriction on the disk encryption passphrase is that it should be printable ASCII characters only. It is not restricted to digits only.
However I admit that for changing both of these (disk encryption passphrase, purism password) for initial install, I used the command line. So I am not really across what restrictions or problems the corresponding GUIs might have.
To be honest, a digits-only disk encryption passphrase is probably not strong enough but a) as always, that depends on your threat model and b) even a shortish digits-only disk encryption passphrase is some kind of protection for the information on your phone in the event that your phone is subject to casual (untargeted) theft or loss.