>>> by just having a copy of the encrypted data sent to some cloud service, e.g. iCloud/OneDrive/Google Drive, but decided you couldn't trust any?

False sense of security. As proven countless times in these forums, a ban on 1 product or 1 account on Google, is a ban on all of Google for that device and linked devices. I dont think you have factored in this risk. Or that commercial products get discontinued all the time. Open source (syncthing) doesn't have that issue. And we haven' touched billing yet.

>>> There's no one you would trust with an encrypted copy?

Doing password backups is particularly tricky. Commercial vendors are robust and depend on local circunstances. They do have changes in ownership which do change security priorities. Its a bit of a moving target whether they can be trusted or not. For non password needs, the answer is much simpler:No. They will sell data, at a minimum.

>>> o you have any automated backup of your phone to a cloud service, or only local?

Only local. I have 1 device parked in a relative's house that gets updated everytime i am there. That's my remote backup. But its not a daily backup, but i can live with that.

>>> I am overseas holding a new replacement for a lost phone, looking at the text "Enter the 6‑digit verification code", I will wish I'd thought about more carefully.

This is, indeed, the most important thing you must resolve. How urgent you need access to X ? Maybe you should solve for that separately. Everything else is much simpler and done.