And worse (sometimes) consumed by email scanners. There's all sorts of hassles with them. Email deliverability often an issue too.

Oh, I see. Thanks! So, they're basically the second part of 2FA?

They aren't really 2FA at all since often you don't need a password. To login you just type your email and enter the code you got from the email or click a link.

Shopify works this way where buyers don't have passwords and only log in with codes sent via SMS/Email.