No need to write like that. I know, understand and use passkeys for quite a while now.

I don't love them. I don't love passwords either.

But while I don't fear passwords, I fear passkeys. The reason is that it makes the tech even more intransparent. My password manager stops working, completely dies or I can't use it anymore for other reason? No problem, I can fallback to a paper list of passwords if I really have to. This transparency and compatibility is more important than people think.

Passkeys lack that. They can be an interface like you described, but only if everyone plays along and they can be exported. But since there is no guarantee (and in practice, they often cannot be exported either) they are not a replacement for passwords. They are a good addition though.

Unfortunately, many people don't understand that and push for passwords to begone.

I have yet to see passkeys used as a sole method of logging in. There's always a traditional username and password setup first. There's always a recovery code set up for the passkey. I have yet to see passkeys offered as the only means of MFA. Which means that your backup methods still work. You can use them for recovering your access. I see passkeys as an optional convenience. It works well for me by that measure.

What about server-generated passwords, like API keys? That would solve the main problem with passwords, namely, that people reuse the same weak password everywhere. I doubt it would be as popular as user-selected passwords, but I still wonder why no website has tried it.

Why not keeping passwords AND passkeys? Most of the time I want to use passkeys for different reasons, but if I lose my passkeys I can go back to my printed list of passwords.

A passkey import/export standard is in the works. Once I know I can backup everything in a keepass database I'll be much happier.