
My biggest issue with FIDO is that it is tied to a hardware device. So if I ever lose it, it is a huge pain. So you need at least 2 (so only one can be your laptop with fingerprint or face recognition) and if you even get another one you need to remember every single service that you used 2fa for and enroll it in each of them.



> if you even get another one you need to remember every single service that you used 2fa for and enroll it in each of them

This is perhaps why FIDO2 works best when combined with single-sign-on systems, such as those promoted by large email providers, etc. Fewer accounts to have to manage 2FA devices for, and a greater chance that you've already signed in and authenticated your devices with all of them.

Personally, though, I use a password manager, and have some (but not all) sites tagged as 2FA in the password manager. So if and when it's time to add another key, I can just go down the list. Not as convenient as SSO-based 2FA, but sometimes you really don't want to sign in with Facebook, say. :)



