
It's a tradeoff, as usual, between convenience and security.

1 passkey per device = someone has to steal that device to steal your passkey ("something you have")

all passkeys in one manager = someone has to steal your password manager login to steal all your passkeys ("something you know")

In my experience, passkeys aren't typically 2FA either, since they just replace your password login instead of supplementing it. It's 1FA, either replacing "something you know" with "something you have (your device)" or "something your password manager knows, based on something else you know".

----------------

FWIW, I store everything in a password manager, including all my passkeys. The primary benefit of passkeys for me hasn't been increased security, but improved convenience, since it's much faster than dealing with SMS/email/OTP-based 2FA. It also means I can log in from any device to any website without having to manage individual device keys. I just have to memorize one master password for the manager, and everything else is automatically synced across devices & browsers.

The downside is that if my password manager gets hacked, they'd get access to everything and could masquerade as me everywhere. There is no longer a real second factor (something you "have" or "are"), since it's all just info stored in the password manager (something you/they "know"). That's a tradeoff I accept for the convenience. But if you value security more highly, you probably shouldn't do that.

Personally I prefer 1Password to Bitwarden because it has a better UI. But it stores everything in the cloud. So far their security record seems solid (at least compared to LastPass, but that isn't saying much). With any of these things, it's use at your own risk. Device-tied passkeys are safer (assuming the device itself is encrypted and has login protection) since they're not centrally stored in one place in the cloud.
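The device-tied vs synced distinction in the comments above is visible to the website doing the login: WebAuthn authenticator data carries a Backup Eligible (BE) bit and a Backup State (BS) bit, and a synced passkey (cloud keychain or password manager) sets both. Added example, not code from this thread or from any vendor: a Python parser that reads those flags out of the signed authenticatorData, classifies the credential, and applies a "device-bound only" policy. The sample byte strings are constructed, and the flags are only trustworthy after the assertion signature over authenticatorData has been verified, otherwise a client could claim whatever it likes.

```python
import hashlib
import struct

# Flag bits of the WebAuthn authenticatorData "flags" byte (WebAuthn Level 3, section 6.1).
FLAG_UP = 1 << 0  # User Present
FLAG_UV = 1 << 2  # User Verified
FLAG_BE = 1 << 3  # Backup Eligible: credential may be synced to other devices
FLAG_BS = 1 << 4  # Backup State: credential is currently backed up / synced
FLAG_AT = 1 << 6  # attested credential data follows the fixed prefix
FLAG_ED = 1 << 7  # extension data follows


def parse_authenticator_data(auth_data: bytes) -> dict:
    """Parse the fixed 37-byte prefix: rpIdHash (32) | flags (1) | signCount (4, big-endian)."""
    if len(auth_data) < 37:
        raise ValueError("authenticatorData shorter than 37 bytes")
    flags = auth_data[32]
    if flags & FLAG_BS and not flags & FLAG_BE:
        # The spec forbids BS without BE; treat such an assertion as malformed.
        raise ValueError("invalid flags: BS set without BE")
    return {
        "rp_id_hash": auth_data[:32],
        "user_present": bool(flags & FLAG_UP),
        "user_verified": bool(flags & FLAG_UV),
        "backup_eligible": bool(flags & FLAG_BE),
        "backup_state": bool(flags & FLAG_BS),
        "sign_count": struct.unpack(">I", auth_data[33:37])[0],
    }


def classify_credential(auth_data: bytes) -> str:
    """'device-bound' = single-device passkey; 'synced' = currently backed up to a cloud keychain/manager;
    'backup-eligible' = could be synced but is not backed up right now."""
    info = parse_authenticator_data(auth_data)
    if not info["backup_eligible"]:
        return "device-bound"
    return "synced" if info["backup_state"] else "backup-eligible"


def passes_policy(auth_data: bytes, expected_rp_id: str, require_device_bound: bool) -> bool:
    """Relying-party check: correct RP ID, user verification done, and optionally no syncable credential."""
    info = parse_authenticator_data(auth_data)
    if info["rp_id_hash"] != hashlib.sha256(expected_rp_id.encode()).digest():
        return False
    if not info["user_verified"]:
        return False
    if require_device_bound and info["backup_eligible"]:
        return False
    return True


def make_auth_data(rp_id: str, flags: int, sign_count: int) -> bytes:
    """Build constructed sample authenticatorData with no attested-credential or extension data."""
    return hashlib.sha256(rp_id.encode()).digest() + bytes([flags]) + struct.pack(">I", sign_count)


# Constructed samples (not captured from a real authenticator).
DEVICE_BOUND = make_auth_data("example.com", FLAG_UP | FLAG_UV, 42)
SYNCED = make_auth_data("example.com", FLAG_UP | FLAG_UV | FLAG_BE | FLAG_BS, 0)

if __name__ == "__main__":
    for name, data in (("device-bound sample", DEVICE_BOUND), ("synced sample", SYNCED)):
        print(name, "->", classify_credential(data),
              "| device-bound-only policy:", passes_policy(data, "example.com", True))
```

A relying party that wants the "someone has to steal that device" property enforces it with `require_device_bound=True` at registration time (and checks the flags again on each assertion, since BS can change). Note that synced credentials commonly report a signCount of 0, so counter-based clone detection does nothing for them.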



1Password would also need to be compromised in a way that someone needs to have your secret recovery key as well.

My understanding is that the 1Password Secret Recovery key is encrypted on your local device.

Thus 1Password would need to be compromised, including your secret key, password, & email.
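The reply above describes a model in which a server-side breach alone is not enough: the account password and the device-held Secret Key are both inputs to the key that protects the vault. Added example, not code from this thread and not 1Password's actual implementation (a simplified two-secret derivation with an assumed salt and mixing step): this Python script derives a key from both secrets and runs an offline dictionary attack against a constructed server-side verifier, once with the Secret Key in hand and once without it. All credentials and the wordlist are constructed.

```python
import hashlib
import hmac
import secrets


def derive_account_key(password: str, secret_key: str, email: str, iterations: int = 10_000) -> bytes:
    """Illustrative two-secret key derivation (a simplification, not 1Password's exact construction).

    The low-entropy password is stretched with PBKDF2; the high-entropy Secret Key,
    which lives only on enrolled devices, is mixed in with HMAC. The result is the
    XOR of both parts, so neither input alone yields the key.
    """
    salt = hashlib.sha256(email.strip().lower().encode()).digest()  # assumed salt derivation
    pw_part = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations, dklen=32)
    sk_part = hmac.new(secret_key.encode(), salt, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(pw_part, sk_part))


def verifier_for(account_key: bytes) -> bytes:
    """Stand-in for server-side data (e.g. the authentication tag on a wrapped vault key)
    that lets someone holding a server dump test whether a guessed key is correct."""
    return hmac.new(account_key, b"account-key-check", hashlib.sha256).digest()


def offline_dictionary_attack(verifier: bytes, email: str, password_candidates,
                              secret_key=None, sk_guesses: int = 4):
    """Attacker holding a server dump. With the Secret Key (stolen from a device) only the
    password needs guessing; without it, a 128-bit Secret Key must be guessed as well."""
    if secret_key is not None:
        sk_candidates = [secret_key]
    else:
        # A handful of random guesses stands in for the hopeless 2**128 search space.
        sk_candidates = [secrets.token_hex(16) for _ in range(sk_guesses)]
    for sk in sk_candidates:
        for pw in password_candidates:
            if hmac.compare_digest(verifier_for(derive_account_key(pw, sk, email)), verifier):
                return pw, sk
    return None


# Constructed sample account (not real credentials).
EMAIL = "user@example.com"
PASSWORD = "correct horse"  # deliberately weak: it appears in the attacker's wordlist
SECRET_KEY = "A3-EXAMPLE-SECRET-KEY-0000-0000-0000"  # placeholder for a random 128-bit key
WORDLIST = ["password", "letmein", "hunter2", "correct horse", "battery staple"]
VERIFIER = verifier_for(derive_account_key(PASSWORD, SECRET_KEY, EMAIL))

if __name__ == "__main__":
    print("with Secret Key:   ", offline_dictionary_attack(VERIFIER, EMAIL, WORDLIST, SECRET_KEY))
    print("without Secret Key:", offline_dictionary_attack(VERIFIER, EMAIL, WORDLIST))
```

The point the reply makes falls out of the two runs: the weak password is recovered immediately once the attacker also has the Secret Key, and not at all from the server dump alone. The flip side is the one the earlier comment accepts: a compromised device or a phished master password plus a synced Secret Key collapses everything back to one factor.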



