>> Social logins only carry your information and a token, and you can enter to your profile and add a password too (99% of the time).
I think the whole point is not having to create yet another password.
One solution to all of this is to have some kind of durable identity verification that the user controls and can use everywhere. There are serious challenges with that of course, which is why we don't have it yet.
I use a durable identity verification that I control and can use anywhere (within reason): a standard offline password manager (KeePass) synced via Dropbox. I create "yet another password", but I never see it or directly interact with it (outside of tweaking the password generator to fulfil weird password requirements).
> I think the whole point is not having to create yet another password.
That's the fallacy. You're always creating a new password. Only its storage location is changing. You can store a password in a variety of ways and places. When you use a social login, you're using a time-limited password stored in the OIDC provider. And if you lose your account there, you lose all your passwords.
Also, you can store your passwords in OS key chains (Linux, macOS), browser password managers (Mozilla Lockwise/Firefox), in a myriad of other online/offline password managers, in a text file or on paper.
Many sites allow you to "reset" your password for an account created with a social login. However, if you created an account with Google OIDC and lose access to your Gmail account, that's another matter.
But that also creates security risks, especially relating to information exposure. The ID provider will always know which services you use, how often you perform logins, etc.
A secured password manager is the superior option, especially since you would not compromise every service in case your password is known by third parties.