USB security idea

So i have been reading up on computer security and decided to come up with a design of my own here it is: Note: This is focused towards USB security not OS specific A USB that is encrypted using Veracrypt it should have a 15 digit long password that is completely random meaning no connection to you or anyone else you have had contact with and should not be written down anywhere or told to anyone inside this USB there is a directory that will again be encrypted using Veracrypt the password principle is the same here both passwords should be separate and random this directory can contain anything you need every other week or so you should format the system and the USB afterwards write a bunch of random stuff to the drive and then format again finally encrypt the drive with a random password again and the same for the directory My thinking behind this is: 1. If you have a clean system ( Meaning in a theoretical sense there is not any backdoors within the software present or hardware and you just installed the operating system ) You can setup the drive encryption without worrying that your password is being stolen by a keylogger ( Again software/hardware comes into play here ) If the password is completely random then it should be hard for your average attacker to gain access to the drive without lots of resources and time. Note: Whenever you setup the encryption make sure you have a stock copy of a operating system ( Software/Hardware comes into play again ) and the operating system/encryption software has been verified to not be malicious before creating a password. 2. If the password is random and over 10 characters long and/or is not related to you or can be easily guessed cracking the password would take a lot of time and resources your average attacker ( Say a hacker who is looking for information such as banking documents not a state backed one ) would not have. 3. This part is merely a guess on my part if the attacker breaks your first layer of encryption then to access anything they would have to go through the second layer. 4. Regular drive reformat along with the host operating system ( My idea would be erase the drive with hard drive wiping software and format the USB using a live boot operating system ) The passwords should change once the drive is encrypted again. I believe this would prevent attackers from using a keylogger to grab keystrokes and the encryption password along with most malware that resides on the hard drive not firmware based attacks ( A possible solution to this would to flash clean firmware ) 5. I am still learning and don’t know what i am talking about yet so i hope someone here will tell me what is wrong with this setup and how can i fix it along with any ideas or further reading