Opening up the "case" requires disconnecting the "computer" from "power". Since we haven't figured how to get "the power" going again once it's off this analogy is kind of worthless.
See, I don't get this. Last time I tried fastmail I ended up on proton because it was just slightly... Kludgy. DNS was slow. Webmail was a mess. And the mobile client scene wasn't worth it.
I would use this in addition to those. Instead of having to buy two Yubikeys I can buy one and use a software solution as well.
Since I already use a phone capable of doing the same thing, let my phone be my main authenticator, and then I can use a Yubikey as a backup.
It's not like one is necessarily better than the other, except that you already carry a phone and they're capable of being a hardware device that works with Webauthn. No need to carry a second device or, pay for one, for that matter. Since at least with Apple's solution it'll sync over iCloud Keychain.
If you're happy with Yubikey's, nothing changes. But for the average person, this makes Webauthn an option without having to buy any hardware or carry something you are more likely to lose because you don't understand the intricate details of how the thing works. I wouldn't expect my parents to understand how a Yubikey works well enough to know it should be used as a pair, for backup purposes, but that is a barrier to entry for them that they don't need to worry about now.
"To address the common case of device loss or upgrade, a key feature enabled by passkeys is that the same private key can exist on multiple devices. This happens through platform-provided synchronization and backup."
Thus, unlike a FIDO2 key, you don't have to visit every online service to tell it about the new redundant keys you add.
The rest of the security article linked by madjam002 goes into detail how Google implements their version of that backup. It's a bit like Keybase in the sense that your other devices act as keys to unlock the backup for new devices.
Passkey will be supported, with no new user behavior, by ~a billion devices currently in use. It is better because a billion+ devices already have support for this.
This is public-key-crypto-based authentication for the average user who will almost certainly never buy a security key but who probably owns a device that offers secure identity verification (laptop, phone).
Yubikeys are great but they're super niche. Among Android users alone there might be a billion people who will never buy one.
At the very minimum, one undeniable technical advantage Passkeys have -- that they share with their foundation, WebAuthn -- is that Passkeys are unphishable.
Don't all fido2 yubikeys support webauthn? They have the advantage that they can't be cloned/sync/etc. Might be an inconvenience for some but for me that's an advantage.
It's the same as "Google Authenticator" being used instead of TOTP. I think it's reasonable for apps' documentation to meet users on their turf to aid understanding.
This is because the fido2 libraries follows a lot of defacto standardisation: either to match yubikey or windows hello as the only real implementations in the wild. Fido2 ctap extensions would support all the use cases of the new device except you won't be able to use them e.g. in windows because vendors are ignorant about all the openess to push their own agenda.
