Threat models for storing passwords, TOTP and passkeys in a single password manager?
TheDoc:
Off-topic but if these are your only 2 copies I strongly suggest creating a third backup on a flash drive stored somewhere away from your home.
Thanks for the heads up, I’ll for sure do that.
TheDoc:
If instead you stored your passkeys on actual hardware (smartphone or security keys) malware generally shouldn’t be able to retrieve your private key.
That’s if I store the passkeys on devices separate from my iPhone (like a YubiKey), but if my passkeys are stored in Apple’s password manager on my phone then malware can get the secret, can’t it?
TheDoc:
Similar to passkeys stored on hardware, they can sit in as a MITM on your laptop but lack the actual secrets (stored on iPhone, YubiKey, etc) to gain persistent access to your accounts thus making the account compromise temporary.
I see, so I guess I confused temporary access with permanent access. Now I’m wondering if I should sacrifice the convenience of having all credentials in a single database or separate them (passwords in .kdbx, TOTP in Ente Auth on iPhone, and passkeys on iPhone) for a feeling of increased security (I don’t know how likely it is for my computer to get compromised).
I was thinking of getting a physical key, but it seems like a pain to always keep it in hand and make sure to have backup copies and so on. Also, sadly my phone doesn’t have USB-C, so I can’t even use it on both PC and phone.
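The temporary-versus-permanent distinction TheDoc describes comes down to one property: a passkey login signs a fresh, server-chosen challenge, so whatever an attacker intercepts on the laptop is only good for that one login, whereas a copied private key can sign every future challenge. The walkthrough below is an added example written for this thread, not code from any of the posters or from Apple, KeePassXC or Ente; it is a deliberately simplified model of a WebAuthn-style exchange (real assertions carry more fields and use CBOR/COSE encodings), and the names `Authenticator`, `RelyingParty`, `RunScenarios` and the relying party id `example.com` are all made up for the illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Assertion is a cut-down WebAuthn-style login response: a signature over the
// relying party id, a signature counter and the server-issued challenge.
type Assertion struct {
	Challenge []byte
	Counter   uint32
	Sig       []byte
}

// Authenticator holds the passkey private key. On a YubiKey or Secure Enclave
// the key cannot be exported; in a software vault it is just bytes on disk.
type Authenticator struct {
	RPID    string
	Priv    *ecdsa.PrivateKey
	Counter uint32
}

// RelyingParty stores the registered public key and the last counter seen and
// only accepts assertions for challenges it issued and has not yet consumed.
type RelyingParty struct {
	ID          string
	Pub         *ecdsa.PublicKey
	LastCount   uint32
	Outstanding map[string]bool
}

func NewAuthenticator(rpID string) (*Authenticator, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Authenticator{RPID: rpID, Priv: priv}, nil
}

// signedData binds the signature to the site, the counter and this challenge.
func signedData(rpID string, counter uint32, challenge []byte) []byte {
	var c [4]byte
	binary.BigEndian.PutUint32(c[:], counter)
	h := sha256.New()
	h.Write([]byte(rpID))
	h.Write(c[:])
	h.Write(challenge)
	return h.Sum(nil)
}

func (a *Authenticator) Sign(challenge []byte) (Assertion, error) {
	a.Counter++
	sig, err := ecdsa.SignASN1(rand.Reader, a.Priv, signedData(a.RPID, a.Counter, challenge))
	if err != nil {
		return Assertion{}, err
	}
	return Assertion{Challenge: append([]byte(nil), challenge...), Counter: a.Counter, Sig: sig}, nil
}

// NewChallenge issues 32 random bytes that are valid for exactly one login.
func (rp *RelyingParty) NewChallenge() []byte {
	ch := make([]byte, 32)
	_, _ = rand.Read(ch)
	rp.Outstanding[string(ch)] = true
	return ch
}

func (rp *RelyingParty) Verify(as Assertion) error {
	if !rp.Outstanding[string(as.Challenge)] {
		return errors.New("unknown or already used challenge")
	}
	delete(rp.Outstanding, string(as.Challenge)) // each challenge is single-use
	if as.Counter <= rp.LastCount {
		return errors.New("signature counter did not increase")
	}
	if !ecdsa.VerifyASN1(rp.Pub, signedData(rp.ID, as.Counter, as.Challenge), as.Sig) {
		return errors.New("bad signature")
	}
	rp.LastCount = as.Counter
	return nil
}

// Outcome records whether the relying party accepted each login attempt.
type Outcome struct {
	LegitLogin        bool // real authenticator answers a fresh challenge
	ReplayedAssertion bool // laptop MITM resubmits a captured assertion, no key
	StolenKeyLogin    bool // attacker signs a fresh challenge with a copied key
}

func RunScenarios() (Outcome, error) {
	auth, err := NewAuthenticator("example.com") // hypothetical relying party
	if err != nil {
		return Outcome{}, err
	}
	rp := &RelyingParty{ID: "example.com", Pub: &auth.Priv.PublicKey, Outstanding: map[string]bool{}}
	var out Outcome

	// 1. Normal login from the user's own authenticator.
	captured, err := auth.Sign(rp.NewChallenge())
	if err != nil {
		return out, err
	}
	out.LegitLogin = rp.Verify(captured) == nil

	// 2. Malware on the laptop saw `captured` go by; it tries to reuse it later,
	//    but the server has already consumed that challenge and issued a new one.
	_ = rp.NewChallenge()
	out.ReplayedAssertion = rp.Verify(captured) == nil

	// 3. The private key itself was copied out of a software vault; the copy
	//    answers a brand-new challenge just like the original would.
	clone := &Authenticator{RPID: auth.RPID, Priv: auth.Priv, Counter: auth.Counter}
	fresh, err := clone.Sign(rp.NewChallenge())
	if err != nil {
		return out, err
	}
	out.StolenKeyLogin = rp.Verify(fresh) == nil
	return out, nil
}

func main() {
	out, err := RunScenarios()
	if err != nil {
		panic(err)
	}
	fmt.Printf("legit=%v replay=%v stolenKey=%v\n", out.LegitLogin, out.ReplayedAssertion, out.StolenKeyLogin)
}
```

Running it prints `legit=true replay=false stolenKey=true`: the intercepted assertion buys nothing beyond the session it was part of, while the exported key keeps working indefinitely, which is exactly why a hardware-bound passkey limits a laptop compromise to "temporary" access. One defensive caveat the counter check illustrates: after the attacker's login in step 3, the real authenticator's next assertion would carry a counter no higher than the server's last value and be rejected, so a strictly increasing counter can reveal a cloned key after the fact, but it cannot prevent the first misuse, and synced passkeys (such as iCloud Keychain) generally do not maintain a per-device counter at all.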