Get a Pixel 7 or newer and put Graphene OS on it. Pixels are excellent phones and have good support for custom ROMs. The Pixel 6 has a lot of weird issues that the others don’t have, so avoid it. Graphene is the best ROM for privacy AND security, and it is also relatively user-friendly.
Or, if you want an older phone, try a Pixel 3, 4 or 5. They are good phones with an older design style that may appeal to you.
/e/OS (also known as Murena) is also a good ROM for privacy, and supports a broader range of devices.
I would very much prefer to use passkeys wherever possible. My password manager of choice Bitwarden also supports them. Unfortunately, Android 13 which I am running does not support setting a default app to handle passkeys. So I cannot access that functionality on my phone yet. I think in a few years I will be authenticating with passkeys for a lot of services. However there will be a lot of services that lag behind in terms of offering passkey authentication.
Learn Linux TV has some stickers related to FOSS and self-hosted sofware. It also helps support a great learning resource.
They can recieve security updates if you use an alternative ROM such as Lineage or /e/OS.
Can you please explain how e/OS/ is insecure?