For anything that is important enough, I put passkeys on 2 separate FIDO2 key devices directly. Services that come to mind are things with recovery backdoors; like email or device backups. Unfortunately many banks and financial institutions don't support passkeys, but I'd consider using that solution there too.