Let’s say they just generated a random keystring.
They lost their key.
They don’t have a backup or export of the file.
They don’t even have it saved in a key manager or wallet.
Now what?
The only difference is that with this method, they can regenerate their key with an important file (photo, song, video, document, whatever) that is only known to them.
That’s why there are no true cons to this approach.
I’m not trying to be rude, but I think sometimes we miss the entire point of something when we overthink things.
In other words, no different than if they had generated a random keystring without using a photo. 
[1] [2] [3]
You’re more likely to lock yourself out of your own data, rather than some random person solving a ridiculous puzzle to retrieve your encryption keys. The extra safeguards to prevent yourself from permanently losing access to your data are worth it in my opinion.