All variations of FIDO2 authentication “offer additional phishing protection by requiring user participation during sign-in (like doing a fingerprint scan or producing a dongle) so attackers can’t get as far with usernames and passwords alone.” Previously, FIDO2 and related standard WebAuthn “gained ubiquity through adoption by all the major browsers” — except Safari — although “Apple has hinted it will add support.”