We had originally planned to go all-in on passkeys for ONCE/Campfire, and we built the early authentication system entirely around that. It was not a simple setup! Handling passkeys properly is surprisingly complicated on the backend, but we got it done. Unfortunately, the user experience kinda sucked, so we ended up ripping it all out...
Seems to me the whole argument boils down to “they (the passkeys) are generally saved in proprietary non-communicating stores”, which is fair. But then the problem is not the passkey, it’s the fact that we (as usual) give all our stuff to corps. It’s the eternal struggle of ease of use vs. better security.
I host my own vaultwarden btw 😊