[kjksf]

They also have a OAUTH login with google, which is the one I use.

But on the merits: not storing the password is safer than storing it so it's a valid claim.

And it is a 2fa mechanism to a tee (https://en.wikipedia.org/wiki/Multi-factor_authentication)