Password managers are the default, and they operate between desktop and mobile clients. No need to pass anything between different devices manually. Autofill within browsers handles also the transit from the manager to browser’s field without clipboard.

Passkey or true delegation would be the ideal.

But 🤷‍♂️ if the nsec delegation is not feasible.

Bluesky has those limited passwords and they are nice. Revokable tokens on Mastodon instances with oAuth2 are convenient, too.

Nostr should use normal methods if it wants to become mainstream.