The only way an account accessed by a magic link can be compromised is by an already compromised associated email. No password in clipboard, which is how some of us still do it, etc. The magic link makes everyone secure regardless of how they store their secrets.

And there's also no password stash if the server were to be hacked, which means no sending out "please update your password" emails and the like.