What makes the brain wallets insecure isn't really the number of words. It's more about the fact that humans are bad at creating entropy. You may think your seed is "random" and "secure" enough, but it could be an easily brute-forced phrase.
Still, 24 words should be "safer" than 12 words.
there is 256 bits of input entropy for a 24-word seed, meaning that there are 2^256
possible 24-word seeds. This means that in order for the brute-forcer to have a 50% chance of finding your seed, they would need to check 2^256 ÷ 2 keys.
I did the math a while ago... The list is 2048 words. 2048^24 =
29,642,775,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000 (rounded because I'm lazy)
Best of luck figuring that one out..