I was finally able to find some technical detail on passkeys on FIDO website, and yeah, it actually looks like it’s a real improvement over passwords: it’s simple, uses proven technology (public/private keys), and should be much more secure than passwords.

Also, nothing in the “specs” says I need to entrust my private key with the OS or a third party, which is good.

That said, it seems some OS support is required nonetheless, to show the pin / biometrics prompt (or is it?), and on android at least, I’d need to buy a new device with Android 14 to use a non-Google passkey provider…