Modern cars already have a complex sequence to enter pairing mode.

You need to press buttons inside the car, buttons on the currently paired key (to prove possession of that) and buttons on the key you want to pair with.

So a passer by would have to press a button on their fob at just the right moment. Then when you go to test your new key fob, it wouldn't work, so you would pair again until it was your key that was paired.

Yeah, it's the same for garage door openers today. I took the OP simply to be saying that physical access of some type needs to be available (ie. to stop anyone initiating a pairing). Some cars require the key to be physically inserted into the ignition switch, which requires the key to be correctly cut to match the car, before pairing; which is a nice extra hurdle to stop thieves quickly pairing after they break into your car.

Whatever the case, making it easier to pair, shouldn't be the primary focus, no need to help a thief doing it quickly. It would just be nice to have a way to do it, that didn't ultimately require the manufacturer to get involved; but that does remove a big hurdle for thieves, too.

Which can be easily bypassed by accessing any obd2 connected port, which you can conveniently find in the headlight housing of most automobiles.

That's CANBUS not OBD2, and it only works on some cars because not moronic manufacturer prevent it. Try doing it, on a European car you will fail.

I promise there is not an OBD2 port inside the headlights of cars.

There is CANBUS to the headlights, but that is not a OBD2 port. And more securely designed cars can put that in a less secure zone, so it can only send and receive commands for exterior things like lights, and not be able to have commands for keys injected, because that bus will not accept those commands.

you can press a button in the car, you don't need a cable.