The passkey is still protected with another factor, such as pin code or biometrics
Like when I login to my account, I put the yubikey to usb port, then browser asks me to unlock it using pin code, then I’ll touch the yubikey to confirm I’m in physical access to it, and only then it allows the authentication
Shouldn’t you still need 2fa, and use the passkey as the second auth?
The passkey is still protected with another factor, such as pin code or biometrics
Like when I login to my account, I put the yubikey to usb port, then browser asks me to unlock it using pin code, then I’ll touch the yubikey to confirm I’m in physical access to it, and only then it allows the authentication
In practice this takes about 2 seconds