Passkeys would provide a faster, more seamless login than magic codes (no waiting for email) while being more secure than passwords and independent of third-party providers like Google. Major platforms like Google, Amazon, and Microsoft are driving adoption and nudging users to use them instead of passwords.

At the time of writing, all major browsers support passkeys, and users have several options for syncing them (or using a hardware token like a Yubikey). Since you would be storing a public key and opaque ID, the information would be useless to an attacker and would incur no additional liability or obligations under GDPR Articles 32-34. Libraries like SimpleWebAuthn are mature, well maintained, and straightforward to use.

Passkeys were mentioned in a comment https://legendkeeper.canny.io/feature-requests/p/login-pains-disuade-new-users but I didn't see a standalone request for them, so I am making it here. I would also be happy to help with testing.