With Apple you don't need to use an authenticator app.
Once you set it up (which was simple the times I've used it), the passkey for a site stored in your iCloud Keychain.
So, for example, Home Depot supports this.
1. I go to home depot.com
2. Click Sign In
3. Enter in my account (e.g.
myaccount@myemail.com)
3. It asks "Use Face ID to sign in"
4. Tap "Continue" (there is alternative "Other sign in options")
5. It verifies who you are using Face ID and you are in.
Note: On my Mac it uses Touch ID instead of Face ID (likewise on older iPhones that use Touch ID).
If I select "Other sign in options" I get three options
- use the passkey for the current account entered (basically, the default)
- "iPhone, iPad, or Android" "Use passkey from a device with a camera"
- "Security Key" "Use an external security key"
These options allow the more complicated case where the passkey isn't on the Keychain. This allows using an android phone or YubaKey or other security manager.
Frankly, it's not really any more simply for Apple users - your password is also stored in the Keychain and if you use a generated long, random password you are in good shape. But the passkey is actually more secure since the key is cryptographic.
More info:
https://support.apple.com/guide/iphone/use-passkeys-to-sign-in-to-apps-and-websites-iphf538ea8d0/ios