It is almost impossible to set up personal Microsoft accounts that does not allow passwordless login. So what is more likely to have happened is that your account is set up like this and you are just getting MFA requests that are not a second factor, but simply an attempt to get access to your account.

I was getting multiple of these a day and found that if you set up the Microsoft Authenticator app from a phone, it will force it to passwordless if you have any type of lock on your phone (facial, fingerprint, pin). The only way around it is to disable all of those while setting up the account in the authenticator app. I don't use my Microsoft account much, so just use a separate e-mail now for verification instead of the authenticator app.

The fact that this is how it works is of course insane, but I'm guessing someone inside of Microsoft is hitting their KPIs for passwordless logins or something...