Indeed, keeping a mnemonic written down offline has been challenging if you are concerned about physical access to the mnemonic. There are several solutions that mitigate this problem, such as Seed XOR. Although I have not used it yet, I find the tool quite useful if used correctly. The most interesting thing is that Seed XOR presents good plausible deniability.
I have already discussed similar methods with good plausible deniability, such as deriving a hidden mnemonic through BIP85 and Seed-OTP. Although Seed-OTP encrypts the original seed with completely different words, it doesn't create a valid seed, presenting a lack of plausible deniability. I then proposed to modify the last word generated by Seed-OTP with the last word that presents a checksum for the encrypted seed.
Unfortunately, I can't say which of these options is the most cryptographically secure, although in digital security, the most recommended is to use what has already been audited and tested extensively by the community. The more public and accessible the encryption/backup method is, the greater the chance that it will be more easily used and accessible. It will all depend on the level of paranoia and the risk acceptance of each method.
The interesting thing is that all 3 methods have plausible deniability (if you also take into account my Seed-OTP approach by modifying the last word). If someone accesses the encrypted/decoy mnemonic, they will not be able to access the original wallet, even if it doesn't have a BIP39 passphrase.
And if the real wallet is protected by a BIP39 passphrase, even if someone gets both its encrypted/decoy mnemonic + passphrase, they will not be able to access the real wallet that contains the funds!
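Added example, not part of the post above and not code from Seed XOR itself: a sketch of why XOR-split shares look like ordinary wallets. It assumes the standard BIP39 layout (entropy bits followed by a SHA-256 checksum, cut into 11-bit word indices); shares are shown as word indices because the 2048-word list is not embedded, and all function names are hypothetical.

```python
import hashlib
import secrets

def checksum(entropy: bytes) -> int:
    """BIP39 checksum: the first ENT/32 bits of SHA-256(entropy)."""
    cs_len = len(entropy) * 8 // 32
    return int.from_bytes(hashlib.sha256(entropy).digest(), "big") >> (256 - cs_len)

def to_indices(entropy: bytes) -> list:
    """Entropy -> 11-bit word indices, checksum bits appended at the end."""
    cs_len = len(entropy) * 8 // 32
    value = (int.from_bytes(entropy, "big") << cs_len) | checksum(entropy)
    n = (len(entropy) * 8 + cs_len) // 11
    return [(value >> (11 * (n - 1 - i))) & 0x7FF for i in range(n)]

def from_indices(indices: list) -> bytes:
    """Word indices -> entropy; rejects a mnemonic whose checksum is wrong."""
    total_bits = len(indices) * 11
    cs_len = total_bits // 33
    value = 0
    for idx in indices:
        value = (value << 11) | idx
    entropy = (value >> cs_len).to_bytes((total_bits - cs_len) // 8, "big")
    if value & ((1 << cs_len) - 1) != checksum(entropy):
        raise ValueError("invalid BIP39 checksum")
    return entropy

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def split(entropy: bytes, parts: int = 2) -> list:
    """Return `parts` shares (as word indices) whose entropies XOR to the original."""
    shares = [secrets.token_bytes(len(entropy)) for _ in range(parts - 1)]
    last = entropy
    for s in shares:
        last = xor_bytes(last, s)
    # Each share gets its own freshly computed checksum, so it is a valid mnemonic.
    return [to_indices(s) for s in shares + [last]]

def combine(shares: list) -> bytes:
    """Validate every share's checksum, then XOR the entropies back together."""
    out = bytes(len(from_indices(shares[0])))
    for share in shares:
        out = xor_bytes(out, from_indices(share))
    return out

if __name__ == "__main__":
    secret = bytes(range(16))  # constructed 128-bit sample entropy, not a real wallet
    parts = split(secret, 3)
    print(parts, combine(parts) == secret)
```

Because each share carries its own recomputed checksum, any wallet will accept it as a normal mnemonic; a ciphertext whose final checksum bits are left as they came out of the cipher fails `from_indices`, which is the Seed-OTP weakness the last-word change described above is meant to remove.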