Same but this basically puts all the trust in your mail provider which also sucks.
We should have logins with security keys and/or local biometric unlocking. I think that would already increase security and ease of use a lot. But these things are so expensive and not well supported yet