[Too]

It really depends on who the service is being sold to.

Business - SSO via Oauth2, with Azure AD as a ready to use integration

Developers - SSO via Oauth2, with prepared integrations for Github, Gitlab, Keycloak, Okta, or Google.

Personal banking or services where a tie to your real identity is an absolute must - SSO through your national id provider.

Personal sites with less stringent security - SSO with Google or Apple. Here you may also roll your own identity with user+pass+2fa. I guess this is the category you are interested in based on your suggestion. This is also the category with most variety in the field, for example some sites allow email login and recently passcodes are getting popular here.

[TowerTall]

Consumers - SSO via Oauth2 with Azure AD B2C (https://learn.microsoft.com/en-us/azure/active-directory-b2c...)

[tstrimple]

Azure AD/Entra ID I don’t mind. It’s crufty, but seems to work reliably. But the Microsoft B2C solution is far less supported and configurable than most of the competitors in the space. It doesn’t seem to get nearly as much attention from Microsoft and the dev experience for it shows. I’ve found solutions like Auth0 to be far superior.