
Not sure it's that hard to explain the basics. Passkeys are like very big passwords that password managers store for you, only with extra features. I don't think you need to touch on the public key encryption side of it.

Big Tech don't insist on their solutions, they just default to it which I think is fair.

Also WebAuthn is passkeys from what I understand. Not a previous effort.



> from what I understand

That about summarizes the problem. It's definitely related to WebAuthn. But not the same thing. Which is why Firefox supports one but not the other (yet, I believe they are working on it). You could do WebAuthn without a hardware dongle but nobody seems to want to implement that until passkeys. Now your phone effectively becomes the hardware dongle. And if you then get rid of passwords, you are down to one factor. You had better not lose your phone, just saying.

Big Tech insists on their version of the tech which makes them the center of your universe, at the cost of their competitors and their users. Which is why we still have password logins everywhere. The solutions to move away from that have been around for some time. But big companies can't agree with each other on how to do this such that they don't lose users to each other. So, MS pretends to be the center of your world. So does Google. And Meta. And of course Apple. And a few others. And when you set up 2FA you are guided to use the Google Authenticator. Which of course annoys the hell out of competitors who then do something else or only reluctantly support 2FA or come up with some wacky scheme to do something with SMS.

Passkeys look like they are more of the same so far.


Passkeys are just a catchy (or confusing, depending on who you ask) name for a specific type/profile of WebAuthn authenticator (discoverable platform authenticators to be precise).

Firefox does support them on Windows and macOS, just like physical cross-platform authenticators (i.e. “Yubikeys”).


> And if you then get rid of passwords, you are down to one factor

I agree this is a bit of a shame. I'm hoping platforms support using passkeys with other factors.

> You had better not lose your phone

You can sync passkeys between devices and backup to a cloud.

> big companies can't agree with each other on how to do this

This was the case 18 months ago, I'm not so sure it is anymore. On my Google account I can set up a passkey passwordless login with a 3rd party password manager. I can do the exact same thing with my Microsoft account. There are still rough edges, for example to set up the passkey on MS I had to select the method "Use your Windows PC" but it all works.
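An added example, not part of any comment in this thread: the points above about passkeys being a WebAuthn profile, about being "down to one factor", and about syncing all surface as flag bits in the WebAuthn authenticator data a relying party receives. The sketch below parses that fixed header and applies a policy; `classifyCredential`, its option name and `sampleAuthData` are hypothetical, and a real relying party must also verify the `rpIdHash` and the assertion signature, which are out of scope here.

```javascript
// Fixed authenticator data header (WebAuthn):
//   rpIdHash (32 bytes) | flags (1 byte) | signCount (4 bytes, big-endian)
const FLAGS = { UP: 0x01, UV: 0x04, BE: 0x08, BS: 0x10, AT: 0x40, ED: 0x80 };

function parseAuthenticatorData(bytes) {
  if (!(bytes instanceof Uint8Array) || bytes.length < 37) {
    throw new Error("authenticator data must be at least 37 bytes");
  }
  const flags = bytes[32];
  const view = new DataView(bytes.buffer, bytes.byteOffset, bytes.byteLength);
  const parsed = {
    rpIdHash: bytes.slice(0, 32),
    userPresent: (flags & FLAGS.UP) !== 0,     // user interacted with the authenticator
    userVerified: (flags & FLAGS.UV) !== 0,    // PIN or biometric checked locally
    backupEligible: (flags & FLAGS.BE) !== 0,  // credential is allowed to sync
    backedUp: (flags & FLAGS.BS) !== 0,        // credential is currently synced
    signCount: view.getUint32(33, false),
  };
  // The spec forbids "backed up" on a credential that is not backup eligible.
  if (parsed.backedUp && !parsed.backupEligible) {
    throw new Error("invalid flags: BS set without BE");
  }
  return parsed;
}

// Hypothetical relying-party policy: a passwordless login only counts as
// possession plus a local factor when the UV flag is set.
function classifyCredential(parsed, { requireUserVerification = true } = {}) {
  if (!parsed.userPresent) {
    return { accept: false, reason: "user presence flag not set" };
  }
  if (requireUserVerification && !parsed.userVerified) {
    return { accept: false, reason: "user verification required but not performed" };
  }
  let kind = "device-bound credential";
  if (parsed.backupEligible) {
    kind = parsed.backedUp ? "synced passkey" : "syncable passkey, not yet backed up";
  }
  return { accept: true, kind };
}

// Constructed sample input: rpIdHash is left as zeros, only flags and counter are set.
function sampleAuthData(flags, signCount) {
  const b = new Uint8Array(37);
  b[32] = flags;
  new DataView(b.buffer).setUint32(33, signCount, false);
  return b;
}
```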



