I would never use a device with a secure element. I use a Trezor Model T. I think my security hack is much better then what any device manufacturer does.

I just use a high entropy passphrase\password from an extremely hardened and secure keepass vault.

I have it set up so that it's extremely easy and quick to use. With auto type obfuscation and much more.

I'm not as worried about them hacking my seed phrase from a device, as I am about them getting one of my backups.

But the probability of them getting both my seed phrase and passphrase is extremely low. Without both, any one is useless..🤔🙂