The problem that passkeys solve is not that of their user. It is that of the website that authenticates its users. With mere passwords, there is no way they can be sure that the user follows the required password hygiene. With passkeys, there is no way a user could set up something insecure.
Regular users would not set up double passkeys, and would suffer vendor lock. They would be better off with password manager instead.
Savvy users know how to follow password hygiene, and have no need to have it enforced on them. So they don't need passkeys either, they would be better of with good password manager.
Exactly what I am saying. Users don't need passkeys. Auditors and other guys from the checkbox compliance department on the opposite side do, for "security posture".
