> Compare that to a U2F token where you can very reasonably remove the password entirely and still be just as safe
Not only that, but you can remove the username too: WebAuthn supports a "usernameless" mode where you press "login", touch your authenticator and you're in.
Sure, but that's why you add multiple devices/keys to your account. Reinstalling the OS should be fine.
I'm very much looking forward to password managers acting as soft-WebAuthn tokens so they can hold a simple private key and log you in to sites automatically by answering the login request. That way, you only need to unlock your password manager and you can log in to any site without a u/p.
Just don't get your password manager stolen, I guess, but that's already the case.
Not only that, but you can remove the username too: WebAuthn supports a "usernameless" mode where you press "login", touch your authenticator and you're in.