You know it makes sense, so get that Google passkey set up now.
Unfortunately you'll be guided to storing those in your Google account too, so your everyday user will still get locked out, in some ways it's worse because a lot of sites will only accept a "recovery key", email confirmation is no longer enough (not that it matters if your GMail is also locked out)
People should be setting up Recovery Contacts so that they have a way of getting back into their Google account even if they lose all credentials (passwords and/or passkeys) and all their devices.
i don't really use gmail (i self host for more than 25 years), but I do have few throw away gmail accounts that I registered way back when gmail started. they all have recovery contacts/emails configured.
a few years ago gmail stopped letting me login. password was ok. it was saying something about my login been suspicious or something and that it will send me code to recovery email. i was getting code on recovery email, entering it and getting back message saying "we still not sure that everything is ok, try again later".
it took 6 months before i was able to login to account.
Unfortunately you'll be guided to storing those in your Google account too, so your everyday user will still get locked out, in some ways it's worse because a lot of sites will only accept a "recovery key", email confirmation is no longer enough (not that it matters if your GMail is also locked out)