ADFS and SharePoint on premises - Really the right way?


All of our SharePoint 2013/2016 installations use ADFS as STS together with HNSC. From what I read this is supposed to be best practice and while I don't mind (actually like) the HNSC part, using anything but Windows claims seems to give us a lot of grief.


  • People picker accepts any value. This is a known problem which might be fixable by throwing some custom code and customization at SharePoint; it still leaves a weird taste.
  • Most of the mobile apps (iOS) simply don't work with claims, while they all claim to work when NTLM is utilized.
  • Because NTLM needs to be enabled on the web application for search and the like, users are asked which identity provider they would like to use. Again - we could throw some custom code at the system or override the URL of the sign-on page. It still feels somewhat clumsy.
    • If in the meantime someone manages to log on using Windows auth, a second profile for that user is created (one for ADFS and the second for Windows auth) in the User Profile Service. This seems to break SP2013 workflows because they rely on UPS and now get confused by the two profiles - at least that's what I experienced and read. Deleting the Windows auth profile fixes the issue.
  • Our biggest problem right now is that alerts don't work or stop working when using claims authentication with ADFS. The ULS logs didn't help me so far and we really need to understand why that is happening.


Anyway, I'm sure you get my point. Is using ADFS for an SP2013 on-prem installation really the right way to go?

6 Replies
You can still use ADFS, just use a non-claims aware relying party instead. This way you change nothing on SharePoint (except enable Kerberos) and the behavior is as your users previously experienced it.

So you say: use Windows claims inside of SharePoint and no ADFS services as IdP, but use Web Application Proxy for publishing SharePoint as a non-claims-aware application?

That's correct. Or use another RP appliance.
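The following script is an added illustration of the approach Trevor describes (AD FS pre-authentication at the edge, a non-claims-aware relying party, and an unchanged Kerberos/Windows-claims web application behind Web Application Proxy); it is not code from the thread or from Microsoft. Every host name, account name, certificate thumbprint and relying-party name is a hypothetical placeholder, and it assumes split-brain DNS so that the external and backend URLs share one host name (which also avoids URL translation on the proxy). Run each step on the role it names.

```powershell
# Added example (not from the thread): publish an existing Kerberos-authenticated
# SharePoint web application through Web Application Proxy with AD FS pre-authentication.
# SharePoint's own authentication provider stays as it is; AD FS only becomes the front door.
# All names below are hypothetical placeholders.

# --- 1. Active Directory (RSAT, as a domain admin): SPN and constrained delegation ---
# The SharePoint web app pool account needs the HTTP SPN for the site's host name,
# otherwise the proxy cannot obtain a service ticket for it.
Set-ADUser -Identity 'svc-spweb' -ServicePrincipalNames @{Add = 'HTTP/sp.example.com'}

# Allow the WAP computer account to delegate to that single SPN only (least privilege:
# constrained delegation with protocol transition, not unconstrained delegation).
Set-ADComputer -Identity 'WAP01' -Add @{'msDS-AllowedToDelegateTo' = 'HTTP/sp.example.com'}
Set-ADAccountControl -Identity 'WAP01$' -TrustedToAuthForDelegation $true

# --- 2. AD FS server: non-claims-aware relying party trust ---
# Because the backend is not claims-aware, the trust only needs an authorization rule;
# no claim issuance transform rules are involved. This rule permits every authenticated
# user; tighten it (e.g. to a group) if only part of the directory should reach the site.
Add-AdfsNonClaimsAwareRelyingPartyTrust -Name 'SharePoint (Kerberos)' `
    -Identifier 'https://sp.example.com/' `
    -IssuanceAuthorizationRules '=> issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true");'

# --- 3. Web Application Proxy server: publish the application ---
# ExternalPreauthentication ADFS forces an AD FS sign-in before any request reaches
# SharePoint; BackendServerAuthenticationSPN tells WAP which service ticket to request
# on the user's behalf after that sign-in.
Add-WebApplicationProxyApplication -Name 'SharePoint (Kerberos)' `
    -ExternalPreauthentication ADFS `
    -ADFSRelyingPartyName 'SharePoint (Kerberos)' `
    -ExternalUrl 'https://sp.example.com/' `
    -BackendServerUrl 'https://sp.example.com/' `
    -ExternalCertificateThumbprint '<thumbprint of the sp.example.com certificate on WAP01>' `
    -BackendServerAuthenticationSPN 'HTTP/sp.example.com'

# --- 4. Verify what was published ---
Get-WebApplicationProxyApplication -Name 'SharePoint (Kerberos)' |
    Format-List Name, ExternalPreauthentication, ADFSRelyingPartyName, ExternalUrl,
                BackendServerUrl, BackendServerAuthenticationSPN
```

The part worth checking after deployment is step 1: the delegation list on the WAP computer object should contain only the SharePoint SPN, and the SPN must be registered on the app pool account that actually runs the web application (duplicate SPNs silently break Kerberos). Because SharePoint never sees a SAML token, the people picker, mobile apps and alerts keep behaving as they do with Windows authentication, which is the point of the non-claims-aware approach.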

Hi Trevor,

I was about to use ADFS with SharePoint 2013 to enable SSO with another third-party application hosted on ColdFusion and using a custom database, by creating a trust between ADFS and the STS of that application. Let me know if that is the right way to go?


Thanks

Paramdeep Singh

As long as your CF app supports SAML or Windows Kerberos auth, sure. That's less of a technical question and more of a business decision.

Hi Trevor,


I have a similar situation with one external-facing hub site using ADFS/SAML. I need to publish a SharePoint 2016 site for external access, and the hub site can have single sign-on to the SP2016 site. As the current SP2016 site is using Kerberos and has a lot of SSRS reports, BI and data warehousing connections, it might not be suitable to use ADFS/SAML as identity provider.


Could you please kindly advise whether using ADFS 3.0 non-claims-aware publishing for the SP2016 site will give me SSO from the hub site (SAML) to the SP2016 site (Kerberos)? Thanks.