Looks like we are going to have to move to two phone solutions.
The second phone will be very basic with open source hardware and self installed open source software, simple enough that you could build it yourself if you wanted. Its sole purpose will be secure communications and it would just use your phone as the communications medium.
It’s already a difficult to convince people to use signal instead of WhatsApp, FB messenger, iMessage, etc… if it requires a new phone with sideloaded software etc, I won’t have many people to text anymore.
I just gave up on smartphones altogether. It is much easier to make a laptop/desktop private instead and limit your private messaging and activities to it.
I have a separate KeepassXC database for 2FA. I guess my life experience is limited, but I am yet to encounter cases when this would be outright required. The closest one was Steam, but I used an Android VM for this.
The second phone will be very basic with open source hardware and self installed open source software, simple enough that you could build it yourself if you wanted. Its sole purpose will be secure communications and it would just use your phone as the communications medium.