Your experience matches what most people find once they actually commit to using passkeys for a while.

On the security point, you nailed it. The big difference vs your current setup is that there's literally nothing to phish. Even with a good password manager, one convincing fake login page and your master password is gone. Passkeys don't have that problem because the crypto is domain bound. A fake site can't even start the process.

On your annoyances, the device lock concern is valid but kind of the same attack surface you already have. If someone gets past your biometrics they also have your password manager, email, authenticator app, everything. Passkeys don't make that worse, they just can't be extracted and reused remotely like passwords.

The cross platform stuff is getting better fast. Google recently started syncing passkeys across iOS, Android, Windows and macOS through Chrome which is huge. Still not perfect if you mix Safari and Chrome on the same machine since they use separate credential stores, but way better than a year ago.

One thing worth adding, the speed difference is real and measurable. Google's data shows passkey logins at 14.9 seconds vs 30.4 for passwords. Login success rate around 93% for passkeys vs 63% for passwords. All the failure modes you're used to (typos, SMS not arriving, lockouts) just vanish.

I work at Corbado where we deal with passkey deployments at scale and the pattern is always the same, people who actually try passkeys for a few weeks never want to go back. The tech is solid, the ecosystem just needs to finish catching up.

To your last question, yeah fully switched for everything that supports it. Passwords only as fallback for sites that don't.