What do you mean? How would passcodes help phishing?

The solution is passkeys, which prevent phishing and more secure than passwords. I like how they replace SMS codes. But they are a pain to use and not that many sites support them. Every site that does 2FA should support them.