Passkeys solve exactly your complaints. They’re being pushed heavily by Apple and Google, so very soon you’ll be able to sign up for sites without having to set a password + MFA.
But won't this just use Google Sign In in the end. This will give the shitty website at least my OpenId data from Google and enables social engineering with my important account?