Just let me use passkeys at this point. The way that people typically use passwords is less secure anyway, why not just make it as simple as possible?

I forget. Are passkeys the access method that prevents you from logging in ever again if you lose access to a device?

Typically, no. You're thinking of TOTP/Authenticator based 2FA. Those still come with backup codes in case you break the phone that has the TOTP codes warehoused. I always recommend keeping those backup codes saved in the notes of whatever password manager you're hopefully using. Passkeys are essentially just one half of a cryptographic key pair (like what you'd use for authenticating SSH without passwords). These allow you to authenticate once using password + 2FA, then use the generated passkey for future sessions. Since these are much more complex than passwords and remove the need to actually remember anything, they are significantly more secure. There are also some other features that I'm forgetting, and that may not be a perfectly accurate description, but I think you can get the gist.

Passkeys are supposed to be bound to one device and protected by that device's OS's secure enclave. If you have a second device you're supposed to create a second passkey. That's why many sites will flat out refuse to let you create a passkey with a desktop browser since a PC-stored passkey doesn't fit the security model.

Websites should not get to dictate *my* security model. I'll accept annoying me about being less secure because I get that people are dumb, but you've gotta choose somehow! Also, any passkey is safer than a password, so that's still BS.