@username @eri in a perfect world, anything that uses totp or hardware 2fa or passkeys - services that do it right won't allow the password reset flow to reset your 2fa method (though some do anyway, or provide alternate reset paths for 2fa lockouts that involve other identity verification)

"passwordless" in my experience also means you don't have the option to use any of these other factors; your only factor is possessing the email address and there's no more secure/decoupled options