Trezor Model One is the only one that requires that you enter passphrases through Trezor Suite. All other models allow you to choose, but the default behavior should be to enter passphrases on the devices themselves. It's an extra layer of security. Like you said, the passphrase alone isn't enough to compromise the funds in a wallet, but why allow even it to land in the wrong hands if there is a safer way to do it.

If customers still want a faster way to work their passphrases, then let them enter it on Trezor Suite and that's what the company does. The choice is theirs. I would always prefer the safer method.