[lisper]

Two main ways: first, as I said in my original comment, you don't reveal the key when you use a passkey. So at worst a phisher might be able to get you to sign a challenge that they are facing to get into your account once, but they would not be able to re-use your credentials to get in again or to get into another site. And second, in a proper implementation you would have a separate key for every site you want to authenticate to, so a phisher would not have to merely phish you, they would have to mount an MITM attack on an HTTPS session (or find some other way to impersonate the site they are trying to phish your credentials for). That's not impossible, but it's orders of magnitude harder than impersonating a site through a typosquatting attack.

[scherlock]

So, it really doesn’t prevent phishing. If you can get someone to give you their password, you can probably get them to click approve. The real benefit is to the service provider, not having to worry about leaking a secret if they get compromised.

[Ferret7446]

They would have to get you to install a malicious version of your web browser and/or passkey manager, as all legitimate implementations enforce having the correct TLS domain, which is significantly harder than getting you to visit a random URL.

[lisper]

> you can probably get them to click approve

It depends on the type of attack being mounted, but a typical phishing attack is mounted as a MITM attack. With passkeys, a MITM cannot get the client to even ask the user to approve the transaction because the attacker cannot authenticate as the relying party.

You can attack passkeys by, say, compromising the user's machine, but that's not phishing.