A Yubikey can be used as a passkey (FIDO2 / Webauthn) instead of a password. In my experience most websites use the "security key" as a second factor in addition to a user/password login.

It can also be used to store/generate OTP (one time passwords) for 2FA with an alternative authenticator app on a phone/desktop.

I use both methods.