There are a few reasons for this.

1. Conversion rates are higher and the majority tend to prefer these over passwords
2. When you have to reset a password, you typically have to send an email anyway.
3. It’s technically safer because they are short lived tokens and if someone’s password gets compromised, their token cannot.

It’s not a perfect system by any means, but it’s better than the shit implementation of passkeys and it’s generally better than passwords for most users.

I prefer passwords over links and codes, but I get it.

Nah bro. Just tell the agent to be a super duper distinguished software developer and write no bugs and keep the code maintainable /s