Hacker News

Passkeys are the 2026 answer. No (added) username, no password, no two factor SMS, no phishing.



Passkeys are auth garbage. Normal users do not benefit from overly complex auth.

You tap your finger and you're done. Faster than a password paste. How is that complex or difficult UX?

Too confusing for me, I don't get it. How do I record my login info on paper so my family can get in if I die?

I'm not a fan. But what Anthropic SHOULD have done is use plain ol' SSO. Google, GitHub, Microsoft, etc. logins with the option to do this magic link stuff. The third party auth providers would use passkeys at the user's discretion.

Don't they have Google SSO?

Until you lose your device or it breaks suddenly.

I store passkeys and TOTPs in 1Password. I know it means there's no hardware protection of the secure element, but in return they're trivially synced across my devices.

I feel this tradeoff is worth it to me; certainly it is no worse than email or SMS as the second factor.


Chrome Sync, iCloud Sync. There are great answers for this.

Sure. But if you sync passkeys, are there any advantages apart from phishing protection?

The biggest advantage for me is using the hardware secure enclave, thus effectively getting a 2nd factor.



