Trying to choose between Apple Passwords and Bitwarden
I recently started reorganizing my digital security and separating my online accounts. As part of that process, I also decided to strengthen my security by buying a Yubico Security Key C NFC.
The problem is that I'm still not sure which password manager I should use. At first, I settled on Bitwarden, but Apple's Passwords app is very appealing because it integrates seamlessly with the rest of my main devices and would allow me to avoid relying on third-party software. On top of that, once I buy a second security key as a backup, I'll be able to use them to better protect my iCloud account.
On the other hand, I do have a Windows PC that I use occasionally, and that's where Apple's password manager could become inconvenient.
However, when I think about the accounts that are actually the most critical, such as banking and financial services, none of them can really benefit from a hardware security key. Banks don't support FIDO2/WebAuthn and instead require their own authentication apps, mainly because of European regulations. As far as I know, the Spanish public administration doesn't support this standard either and my YubiKey can't be used with my FNMT digital certificate.
So I'm wondering whether Bitwarden is actually worth the extra complexity in my situation, or if Apple's Passwords would be the more sensible choice.
P.S. A third option would be to return the YubiKey altogether.
UPDATE
Thanks everyone for your replies, but I've decided to return the YubiKey.
I think the FIDO2 standard is really promising because of its passwordless approach, and I believe that's the direction authentication should be moving toward. However, the current implementations haven't convinced me, and I couldn't justify buying a second key just to use a hardware security key with my Apple account.
I also wasn't aware until today that if a service allows alternative sign-in methods alongside a hardware security key, the overall security of the account is ultimately limited by the weakest authentication or recovery method that's enabled...