My worry is in the future there may sometimes be no other option than to take this "advantage". If a site implements the new auth standard, will it also keep the current username/password/2fa as an alternative option?
I think that probably depends on popular adoption. If going passkey-only causes a significant reduction in users being able to access the service, then there will always be a non-passkey option.
Personally, I think there is significant friction to adopting passkeys, so there is little risk of being forced into using them in the near future. Longer term, though, I have no idea.
