I’ve been resisting using them and decided to set one on my rarely-used and unimportant Piefed account to try it out.
Saved to Bitwarden fine on my desktop browser. When I try to log in with a browser on my phone, it asks for my username and does nothing more after that dialog closes. While I’m not sure if this is a problem with Piefed, Bitwarden, or Firefox, I’m now disinclined to try it with anything important, especially if that thing might then discourage me from logging in with a password.
I recognize the theoretical advantages, but passkeys don’t do much to solve problems I actually have. All my passwords look like #vVukh9c$3Kw4Cs8NP9xgazEuJ3JWE and are unique. Bitwarden won’t autofill the wrong domain. I don’t enter credentials in links from emails I didn’t trigger myself immediately before. I haven’t checked whether I can reliably backup and restore them in my Bitwarden vault.
Need is a strong word.
2FA is a pretty good idea for some applications and needless hassle for others. I don’t need most of my accounts to have 2FA; I use a password manager with strong unique passwords, and for many accounts, having to make a new one would be an inconvenience rather than a tragedy.
Service providers might be motivated to force it on me if stolen accounts could cost them money, but most of them don’t need to; it’s just the most expedient move for them.