[ghosts_]

They're essentially certificates, so most implementations will only store them on-device, and most implementations I've seen seem to favor the phone as the device you use.

It really depends on the platform - but in short you'll either need a phone, or be locked into an ecosystem (browser, OS, etc) making using them on multiple devices & browsers difficult or impossible. A password manager supporting passkeys makes this easy as you can 1-click generate a passkey, and 1-click sign-in to services from any device or browser.

[gcanyon]

Given that Apple and Google (at least) are collaborating on a shared standard, shouldn't lock-in to an ecosystem not be a thing?

And: does using a third-party passkey manager open up passkeys to the same security issues as password managers? Specifically, more than remaining within the Apple-or-Google-supplied system?

[ghosts_]

It's shared standard in the sense that all implementations will be the same, AFAIK passkeys you generate on iOS systems aren't easily used on windows ones, etc. Or they'd require scanning a QR code from a phone which IMO sucks when a password manager has it in the browser already.

Also what security issues with password managers? There's some potential concerns with extension-based over OS based systems, but if your device is compromised where someone can actually access memory then they'd both be equally void to some extent, AFAIK there's nothing seriously concerning security wise on a password manager vs keychain, etc.