[aryehof]

I wonder about a scheme using public key encryption where a scannable code (public key of the pair) is displayed on the log-in screen, where one has an app on a phone that can match it and send an authorization to the site for login.

Moves the complexity to unlocking a phone and starting an app.

[Atiscant]

In Denmark the official identification app does basically this. When you to officially verify yourself for e.g. the bank, government sites or whatever you type a “username” (identity string that officially should not be linkable to you but in practice often is). The site then displays a QR code that you scan with phone and then approve with a slider. It is not perfect but it is fairly easy for everybody.