I feel like once web browsers / hardware devices start to implement authentication the UX and accessibility of these sorts of tools can become a default choice for user data.
The hard part is solving the "lost my yubikey" UX issue but I suspect Apple will reach a reasonable solution that finds an OK balance of convenience and user-authenticating security.
untrusted hosts open up a bunch of interesting system designs. i’m mostly thinking about these recently. trusted hosts have good use cases, but shouldn’t be used otherwise. trust hard.
lost my yubikey is somewhat covered by the popularity of crypto. recommend users to backup fido2 secrets as bip39 mnemonics.
ios and android will hopefully help popularize fido2.
The hard part is solving the "lost my yubikey" UX issue but I suspect Apple will reach a reasonable solution that finds an OK balance of convenience and user-authenticating security.