profthanh GrapheneOS isn't build to protect your device against theft but to secure your data against unauthorized access. There's no known reliable way to remotely wipe a GOS phone and such feature needs to work proprely.
I suggest you to add duress pin/password and use something like "1234" "0000" "12345" or "qwerty"
Set your phone to charging only.
Use a password with at least 90bits entropy
You can download KeePassDX to check if your password is enough strong.
Write your password on a white paper during several days until you are confident about to not forget it then burn the paper. Do not reuse that password somewhere else.
Do not rely on the secure element throttling by using a 6-digits.
You can add your fingerprints and use a second factor pin with at least 4-digits to avoid typing a complicated password every time your phone is locked.
Also, never type your password/pin if you are in an area with a lot of cameras and in places with a lot of people close to you. Never let someone use your phone, tell everyone that you are out of battery and if they see that you are using your phone and ask, refuse politely.
Install just the necessary apps on your phone. If you can use the browser instead of the app then avoid installing that app. Use scopes as much as you can.