The (over?) simplified version is they’re basically the same as the key/certificate pairs you use to connect to a website securely while also proving its identity to you.

Some key benefits of passkeys are:

• Your private key doesn’t leave your device (or your password manager). You no longer have to worry about if the website you’re using is incompetent and storing your password in plain text waiting to be stolen in a breach. The only one who can expose your passkey is you (or your password manager)
• Your passkey isn’t something you have to remember so for the unwashed masses it’s more idiot proof because they’re more secure by default