The biggest problem with a passphrase is that entering it every time you get a text message is obnoxious and intolerable from a usability standpoint.
Your solution of turning it off before a possible event is a step in the right direction, but it's not reliable enough. It works ok when you get pulled over ... you have lots of time between the lights flashing and officer at your window. But for a lot of situations you don't have that luxury. For example, if it is lost or stolen it'll still be turned on, or if you are arrested just walking down the street...
Stuff like samsung knox has the potential to be a good middle ground -- a secure container within your phone. So you can fingerprint/ short PIN to access your phone, GPS, SMS and your pay-by-phone parking app, etc but have your documents and pictures and work email still behind a passphrase.
(I'm not sure how good knox is in particular, but the concept at least I think is a good idea.) And I realize for some people even the SMS and parking app they want behind the passphrase because it'll reveal who they talked to or where they parked etc... I get that. Security is always a trade off between convenience and security... for me always passphrase is too obnoxious to use -- I tried it, while only fingerprint or 4-digit PIN is far too weak to protect say, my email (more from theives than from law enforcement... ) the potential damage a theif could do with my phone is scary.
The only reasonable solution with current phones is to not have much of anything on them. So for example, the email account I have have linked to the domain registrations and various other online services and resources I have access to is NOT on my phone. This is frequently inconvenient and bit ironic -- on the one hand I WANT the notifications of any activity on those accounts immediately notified to me, but the risk of someone getting into my phone (e.g. by observing me enter my PIN, and the stealing it) and being able to take control of those accounts via the linked email and 2FA which is tied to that number... is too great.
Maybe knox type solutions would be a solution... i just haven't actually had the time to try it.
It'd be nice though if various cloud service providers would let you register a separate notification email in addition to the admin email. So that I could receive notifications like 'a user has logged in from a new computer to your account..." on my phone without that being the email address being the one that can also be used to retrieve/reset login and password credentials.