> but I can't access a passkey-protected service from a friend's phone either.
You can use passkeys across devices. I've logged into sites for people using passkeys on other devices several times. I just tap or plug in my device to theirs when it asks for the passkey and it logs in.
Nor can you access a modern site from their phone unless you have a Yubikey, access to SMS, or a recovery code.
If you need to do this, it works the same for a passkey: if it’s a very close friend, you can share the passkey with them. If not, you can use the same login you’re now with the same MFA. Passkeys don’t need 100% adoption to be effective: the big win is blocking phishing attacks and that works as long as you’re not using passwords by default.
