This used to be the case 20 year ago, but today browsers come with secure RNG seeded with device's entropy. Wallets like MEW use it and it's not a problem.

OP, why not use Shamir's secret sharing? I think Ian Coleman has mnemonic tool for that, and it would allow for a better setup than this. Currently you have a seed which is useless alone and passphrase that is impossible to memorize and is useless alone. But with SSS you can create N of M setup where each shard is equal and you don't need them all to get the key.