I think point number three is likely what Deckwise is getting at. Every distro is stable when you don’t update it. I generally measure the stability of a distro on the ability to blindly update without taking out something mission critical.

The benefit of passkeys over passwords is that they’re phishing resistant and use strong encryption. They’re effectively an iteration on yubikeys meaning you can have as many (or as few) passkeys associated with a given login as you’d like. So, you can easily prevent there being a single point of failure in the system.

Passkeys are tied to accounts and devices and those devices are the only devices used for authentication. This means you can access your account form a public device without that device ever knowing your credentials provided you and your secure device are physically present so it avoids the whole keylogger issue.