GrapheneOS

In addition to what else was shared: GrapheneOS now has fairly nuanced options for running apps.

Things that previously would not run at all, now often run fine - if granted additional permissions, such as the permission for the developer to be lousy at their job (various settings under "Exploit Protection").

Many apps run afowl of "Exploit Protections", but if you trust the app author, those settings can be disabled just for that app. Just realize that needing these settings generally means the app developer is bad at their job. If that's for an Indie Game - oh well. But when t's my bank...maybe I should reconsider who I trust with my money.)

This allows deciding how much to trust each app author.

I find it creepy that Google hasn't back-ported more of these privacy features into stock Android.

Specifically regarding the two app types you mention:

Regarding authenticators: I have yet to encounter one that fails on GrapheneOS. I have found some that only allow backups via Google services, which feels insane to me, anyway.

I wish someone had pointed me to Aegis sooner. Aegis is compatible with every MFA service I have tried it with, fully open source, available on F-Droid, and supports backing up to an encrypted file.

Regarding finance management apps: These have gotten super invasive, recently. Mine all work fine on GrapheneOS, but don't play nice with routine VPN usage, or with ever having location services disabled even for a minute.

The saving grace is that all the finance apps I use have had perfectly functional websites, which cannot be made invasive, the way an app can.