I disagree with a few of your points.
The guide was written with newbies in mind, so naturally, advanced users will disagree with some of the things.
- Do not write your password down on paper even if you cannot remember it. That is counter-intuitive and can result in your wallet getting hacked physically.
If you cannot write it down and cannot remember it, then what? No password at all? That's even worse. I have no problem with people writing down long and complex passwords - the key is to store that password safely. If you can store a seed phrase on paper, storing a password on paper is less risky, since the seed phrase is enough to compromise your coins on its own whereas with the password an attacker also needs access to your computer.
You gotta be able to remember your password, otherwise if you have to write it down and you get physically robbed, you're going to be SOL as bitcoin transactions are not reversible after the 1st confirmation.
The US military has a language program where students learn thousands of foreign-language words under intense conditions for 2-3 years. Memorizing 12 English words should not be that difficult by comparison. Regular passwords on the other hand, the truly random ones with numbers and symbols, cannot be memorized at all.
- Do not use advanced features like custom wordlist, BIP39 password, custom derivation path, Shamir's secret sharing, etc. for your seed phrase. All of these are easy to screw up and will destroy your seed phrase copy as they can't possibly be remembered.
I assume by BIP39 password you mean extending your seed phrase with a passphrase. I would suggest everyone uses this. It is a fantastic tool. Write it down on paper separately to your seed phrase and back it up securely in a separate location to your seed phrase. It provides another layer of safety should your seed phrase be compromised, and provides you with plausible deniability in the event of a physical attack. Even better to use multiple passphrases if you can, as well as helping you keep coins from different sources entirely segregated and therefore better for your privacy too.
It's also a foot gun (re: c++ jokes).
Yes, if you know how to use these features, nothing bad will happen. It's like the about:config in Firefox or the Windows Registry. But imagine telling a new bitcoiner about BIP39 passphrase. When you combine that with the fact that not all wallets support it (and those that do place it in very different GUIs and screens), it's easy to see how someone can accidentally mess up.
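Added example, not part of either poster's message: how the BIP39 passphrase discussed above enters seed derivation, and why a mistyped passphrase silently produces a different wallet rather than an error. The mnemonic is the public BIP39 test-vector phrase, the passphrases are constructed samples, and `compare_passphrases` is a hypothetical helper name.

```python
import hashlib
import unicodedata

# Constructed sample: the all-"abandon" phrase from the public BIP39 test
# vectors. It is publicly known and must never hold real funds.
MNEMONIC = "abandon " * 11 + "about"


def _nfkd(text: str) -> bytes:
    # BIP39 normalizes both mnemonic and passphrase to Unicode NFKD, then UTF-8.
    return unicodedata.normalize("NFKD", text).encode("utf-8")


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """64-byte BIP39 seed: PBKDF2-HMAC-SHA512, 2048 rounds,
    password = mnemonic, salt = "mnemonic" + passphrase."""
    salt = b"mnemonic" + _nfkd(passphrase)
    return hashlib.pbkdf2_hmac("sha512", _nfkd(mnemonic), salt, 2048, dklen=64)


def compare_passphrases(mnemonic: str, intended: str, candidates: list) -> dict:
    """Map each candidate passphrase to True if it derives the same seed
    (and therefore the same wallet) as the intended passphrase."""
    target = bip39_seed(mnemonic, intended)
    return {c: bip39_seed(mnemonic, c) == target for c in candidates}


if __name__ == "__main__":
    intended = "caf\u00e9 2140"       # constructed passphrase, precomposed e-acute
    candidates = [
        "caf\u00e9 2140",             # exact
        "cafe\u0301 2140",            # same text typed as e + combining accent
        "caf\u00e9 2140 ",            # trailing space
        "Caf\u00e9 2140",             # different capitalization
        "",                           # passphrase forgotten entirely
    ]
    for cand, same in compare_passphrases(MNEMONIC, intended, candidates).items():
        # Every candidate yields a structurally valid seed; none raises an error.
        print(f"{cand!r:16} same wallet: {same}")
```

Because every passphrase derives a valid seed, a wallet cannot tell the user the passphrase is wrong; only checking a known receiving address after a test restore confirms the backup.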