If your friend is able to figure out her passphrase, it would be a good idea to add her passphrase to her backups.
But this will increase the susceptibility of the backup to offline attack if compared to backup of seed phrase and passphrase separately in different locations.
You should store your passphrase separately from the rest of your seed. Storing them together is almost pointless.
Some people use a passphrase as an additional security measure to prevent theft in the event their hardware wallet is stolen. I think it is fairly common for people to be more lax with their hardware wallets with regards to security, while backups are almost always kept under some kind of lock and key. Some people may also use a passphrase to prevent a
$5 wrench attack while spending your coin. It really depends on your security model and assumptions.
If your friend doesn't know the passphrase, then it's a terrible recommendation to use iancoleman. They need to use some sort of brute force tool if their password wasn't long enough or/and didn't use any special characters. They do know a part of it, right?
Check
btcrecover. It's a tool made for these occations.
If the OP's friend knows their passphrase is one of a dozen or so possibilities, the setup/reading the documentation for something like btcrecover may take longer than using iancoleman's tool.