Google this week enabled passkey support for everyone. Passkeys are touted as the password killer, at long last. Your phone generates a public/private keypair, and all you need to do is use that to log in without a password. It pretty much eliminates phishing as a threat since you need your phone to log in, and your phone needs to be physically close to the device you're trying to log in on (they communicate via Bluetooth).
I have tried it in a few ways and it's pretty slick. To log in on my computer, my computer shows a QR code that I scan with my phone, do FaceID, and I'm logged in. My password manager, 1Password, has announced they will start supporting cross-platform passkeys next month.
Here's an article:
https://arstechnica.com/information-...rds-heres-why/