That's a pretty solid point, though if you only want to secure against a random hobo that doesn't know you at all (and indeed has never seen you) then face locking is okay.

If you're leaving your laptop unattended in a place where random strangers have access to it, the likely outcome is that the machine will be stolen. I'm struggling to come up with a threat model that makes sense for biometrics.

I'm not sure what sort of office you work at, but unfortunately all of the ones I've ever been in do indeed have random strangers in them (not employed by the company). Generally you can trust them not to steal laptops, but you are still not supposed to be sprinkling your possibly internal-only communications around. This threat model is well-served by biometrics, though really why you wouldn't just use a password I don't really know. As you say it works against a more robust attack and there are ways of generating them that are (relatively) easily memorisable using mnemonics.