Sign in with Apple, required by Apple for all apps with social logins, will only prompt you for a password when you don't have Face ID, Touch ID or a PIN set on your device, according to https://support.apple.com/en-ca/HT211687

So that's effectively the same thing as if the site only used FIDO2 - because that's the same technology Apple uses within Safari and other web browsers to implement Sign in with Apple.

You can do the same with your Microsoft account: https://www.microsoft.com/en-us/microsoft-365/blog/2018/11/2...

The big name left out of all this is Google. They seem to have embraced using passwords everywhere, except, oddly enough, on their passwords management website - https://security.googleblog.com/2019/08/making-authenticatio...

Every once in awhile Google Chrome will prompt me to sign in with a password, skipping the 2FA check, just to validate my identity. It's kind of pointless, really. If they can't trust my device to be secure, why are they asking me to enter a password on my device? That just weakens my account's security if they legitimately couldn't trust my device... Better to have my device validate its ID and my ID via Windows Hello or the same FIDO2-style biometrics and call it a day.