We had originally planned to go all-in on passkeys for ONCE/Campfire, and we built the early authentication system entirely around that. It was not a simple setup! Handling passkeys properly is surprisingly complicated on the backend, but we got it done. Unfortunately, the user experience kinda sucked, so we ended up ripping it all out...
Using a security key as a password manager seems to resolve this issue (I think?), but I guess the issue is more a problem for the casual user who wouldn’t bother with a security key!
Can you elaborate on what it means to use a security key as a password manager? I’m not sure if I understand what you mean.