I think these days the challenge is deciding on the best combination of security measures to take and which ones to choose.
Apple now offers a much more accessible interface to Keychain to create, sync, save, evaluate and fill passwords. Coupled with biometrics, "trusted" devices and 2FA it's a pretty good system.
If I was just starting out today I think I would confine myself exclusively to the Apple "system" after all it's native and free, but, of course I'm not. Some might say, isn't that putting all your eggs in one basket and there is some truth in that.
Like many "early adopters" I saw the personal need for better password management years ago. Many of us on this forum, like me, will have third party password managers already.
Authenticators like the ubiquitous Google authenticator paired to a trusted device such as your mobile phone have been around for years but now there are an array of others while some institutions continue to use the outmoded SMS One Time Password system (like one of my banks).
VPN's are now an optional feature of most web browsers and the VPN I have been using for years, now offers an inbuilt password manager.
The point is, I at least, now have at least 5 different ways, or a combination of them, for verifying my identity depending on the service I need to access. OTP's delivered to my mobile phone, PIN numbers for ATM's and apps, user name and passwords for websites, passwords and generated PIN's via trusted devices for some accounts, random PIN's generated by algorithms in authenticators (and some password managers) plus dedicated "tokens" and biometrics.
No wonder many users are confused. Perhaps "Passkeys" will be the holy grail as promised which is a whole other topic. Read;
What are passkeys? Everything you need to know about the death of passwords