A passphrase can be another twelve words.
Discussion
If you've lost your seed phrase, what are the chances you haven't also lost your passphrase? And if you know how to protect your passphrase, why didn't you protect your seed phrase?
I'm not doubting that this setup isn't right for most people. But surely you can imagine a scenario where, given the right person and skills, it's beneficial?
I don't. The most generous situation is where someone had "some words" and "some more words", an attacker stole the first set, and not the second. First, why were they able to steal one and not the other, and you are somehow able to recall both? Second, you can do the same thing by using a 24 word seed phrase and storing half in one place and half in another.
In the end, "some words" plus "some more words" is indistinguishable from "some words", so why do we expect them to behave differently?
I don't want to go into my personal circumstances for obvious reasons, but I can confirm that you haven't thought about this from all angles. I'm not looking to argue, though. I agree with your overall sentiment. I'm merely saying, there are some very specific life variables out there that can make certain setups preferable over others. But for most people 12 words is enough.
It *would* be different if someone could brute force your seed phrase. In that case, adding words would definitely improve security. Since brute forcing a seed phrase is currently intractable, we have to assume that the attacker stole it. Presumably they would also steal your passphrase, but if not, it needs to be a pretty long, non obvious passphrase, or it will be trivial to brute force.
Now – is it more likely that your seed will be stolen in a way that makes your passphrase a useful defense, or that you'll someday forget it and lose all your funds?
