How do you feel about one time login code sent via email?
Does not get prefetched, does not require a click (if at the library, you can check your email on mobile and simply type the number), no need to remember anything, does not get marked as a malicious link by anti-fraud software.
My problem is the number of steps and hoops to do something that used to be very fast. I feel like this is the opposite of what us engineers are supposed to offer our users. I get it is very secure, but I don't think this is a good compromise. Login should not be a chore. I should be minimally aware of it and still safe. That's my ideal experience.
I think for a decent chunk of people using computers at public libraries, having a phone on them and logged into their email may be a stretch