If someone stole your recovery seed but they are protected with additional passphrase, how many guesses can they make per second and how strong must password be to protect until you notice your seeds were stolen (few day max)? I am talking about passphrase that Trezor and other hardware wallets give you.
I can't answer all of this question, I don't know what kind of symmetric encryption algorithms trezor is providing. I can tell you that the number of guesses per second depends on the implementation of the cracking script and the hardware it's running on.
Now, assuming your additional passphrase is sufficiently random (not something that could be found in a rainbow table), and assuming some modern encryption procedure, like, say AES 256 (
https://en.wikipedia.org/wiki/Advanced_Encryption_Standard) then unless these hypothetical ppl are throwing tons of resources at cracking your wallet, it should be pretty difficult. On the other hand, if they have huge, dedicated compute clusters then maybe they'll find your password really soon. It's all about resources.