With symbolic links I managed to place the keyfile somewhere else.
Cloud sync tools can filter the keyfiles, so they are not stored in the cloud.
Of course on other PCs the same methods (symbolic links and sync filtering) have to be used.
On smartphones this solution is probably not possible.
More details are in my posting of today in another forum topic:
2FA Authentication
Best regards from Rudy