A passkey is always one per site. Emails tend to be naturally reused, unless the visitor uses a paid aliasing service (plus trick is trivial to canonize, having a dozen mailboxes on a self-hosted email still associates them with each other, because there's no anonymity set to speak of, and major email providers like Gmail won't let you register an account today without a phone number, credit card, or passport).