1) after closing the box, randomize the digits: humans are pretty bad at randomization, imagine modeling the randomization delta it won't be perfectly uniform, and the different discs would display similar distributions of rotation. Suppose spinning a disc to randomize it, one might have a peak at delta=+3 and sidelobes with lower frequency. Just a handful of observations when the codes were randomized will reveal the relative positions of the true code, and the only missing information is 10 possible global rotations, which is easy to brute force

2) A second approach is to not let an attacker learn anything by always presenting them with the same information: instead of randomizing, always reset to the same value (0000 or 9999 or any other value of choice). But in this case another attack becomes extremely easy: acoustically detecting the number of indentation clicks used per wheel by recording: without access to actuation direction that gives 1 bit of direction doubt per wheel or only 2^4 = 16 combinations left, easy to brute force.