Ah ok, yes the shoulder surfing is definitely a problem.

Hard to mitigate somebody looking over your shoulder, this is the case with most password managers, but I understand why this is a more likely scenario.



In a semi-safe situation (e.g. on busy public transit or in a crowded place with people behind me), I do sometimes unlock my password manager using Face ID to access a website, but I'd never enter my passphrase if the biometric unlock fails.

If somebody watches me enter my passcode and then rips the device out of my hands and runs off with it (assuming the password manager is not open), they now have access to most of the content on my phone, but importantly not the parts protected by Face ID, which includes the password manager.

If I had used Apple's password manager instead, they'd be able to recover all passwords (using the tactics described above or simply enrolling their own face in Face ID, which is possible using only the passcode).


I have an iPhone and while I understand that Face ID probably has fewer false positives than fingerprint recognition, I really miss the physical rear sensor on my Pixel 2. I don't know what the collision rate is, or how easy it would be to break if someone stole the phone, but it was a really great user experience: haptic feedback is good, it was/is incredibly reliable at unlocking, and it was useful because you could pass your phone to a partner/passenger in a car and unlock without looking (i.e. no more unsafe than changing the cabin temp), with no need to share your PIN with a stranger. I think the only time it failed was after climbing with chalky fingers.


If you reset/create an alternate appearance for faceid does that force a manual login for the services that use it? Because your device passcode lets you change all the faceid stuff… too lazy to mess around with it myself


Apps can choose [1] to tie keys to the current set of enrolled biometric credentials (i.e. faces or fingers), and at least my password manager does that, as far as I remember from some testing.

Some apps don't, and some even react really poorly to a change of the biometric set (i.e. crashing at every Face ID use with no way to reset other than reinstalling), so I'm also not too keen on testing this on my main device.

One thing that surprised me during my limited testing was that Apple apparently doesn't make use of this capability for storing the "encrypted notes" passphrase, which effectively also reduces the security of that to that of the device passcode.

[1] https://developer.apple.com/documentation/security/secaccess...
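The two behaviours the thread contrasts, an item that an attacker holding only the passcode can unlock by enrolling their own face versus one that is bound to the biometric set enrolled at the time of storage, come down to which flag is passed to SecAccessControlCreateWithFlags. The following Swift is an added illustration, not code from the thread, from Apple, or from any password manager; the service and account names are placeholders, and the stored "vault key" is just constructed sample data.

```swift
import Foundation
import Security
import LocalAuthentication

// Added example: protect a secret with Face ID / Touch ID so that it is
// released only after a biometric match and is invalidated as soon as the
// enrolled biometric set changes. Identifiers below are assumed placeholders.
let vaultService = "com.example.vault"   // assumed service name
let vaultAccount = "master-key"          // assumed account name

enum VaultKeyError: Error {
    case accessControl(CFError?)
    case keychain(OSStatus)
}

/// Builds the access-control object for the Keychain item.
/// `bindToCurrentBiometrics == true` selects .biometryCurrentSet: the item
/// becomes unreadable when a face or finger is added or re-enrolled, which is
/// what defeats the "enrol your own face with the passcode" tactic.
/// `false` shows the weaker .userPresence policy, which accepts ANY enrolled
/// biometric or the device passcode, so the passcode alone is enough.
func makeAccessControl(bindToCurrentBiometrics: Bool) throws -> SecAccessControl {
    let flags: SecAccessControlCreateFlags = bindToCurrentBiometrics
        ? .biometryCurrentSet
        : .userPresence
    var error: Unmanaged<CFError>?
    guard let acl = SecAccessControlCreateWithFlags(
        kCFAllocatorDefault,
        // ThisDeviceOnly: never migrated to another device via backup or iCloud;
        // WhenPasscodeSet: item is wiped if the user removes the passcode.
        kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly,
        flags,
        &error
    ) else {
        throw VaultKeyError.accessControl(error?.takeRetainedValue())
    }
    return acl
}

private var baseQuery: [String: Any] {
    [
        kSecClass as String: kSecClassGenericPassword,
        kSecAttrService as String: vaultService,
        kSecAttrAccount as String: vaultAccount,
    ]
}

/// Stores (or replaces) the vault key under the strict biometric policy.
func storeVaultKey(_ key: Data) throws {
    let acl = try makeAccessControl(bindToCurrentBiometrics: true)
    // Drop any previous copy so SecItemAdd does not fail with errSecDuplicateItem.
    SecItemDelete(baseQuery as CFDictionary)
    var query = baseQuery
    query[kSecAttrAccessControl as String] = acl
    query[kSecValueData as String] = key
    let status = SecItemAdd(query as CFDictionary, nil)
    guard status == errSecSuccess else { throw VaultKeyError.keychain(status) }
}

/// Reads the vault key, triggering the Face ID / Touch ID prompt.
/// Returns nil when the item is absent or has been invalidated by a change to
/// the biometric set (the Keychain reports errSecItemNotFound in that case),
/// so the caller can fall back to a full passphrase login and re-store the key.
func loadVaultKey() throws -> Data? {
    let context = LAContext()
    context.localizedReason = "Unlock your vault"   // text shown in the system prompt
    var query = baseQuery
    query[kSecReturnData as String] = true
    query[kSecUseAuthenticationContext as String] = context
    var result: CFTypeRef?
    let status = SecItemCopyMatching(query as CFDictionary, &result)
    switch status {
    case errSecSuccess:
        return result as? Data
    case errSecItemNotFound:
        return nil   // never stored, or invalidated because biometrics changed
    default:
        throw VaultKeyError.keychain(status)   // e.g. errSecUserCanceled, errSecAuthFailed
    }
}

// Constructed sample usage; in a real app the key would be random and the
// Keychain calls would run off the main thread because the prompt blocks.
func demo() {
    let sampleKey = Data("constructed-sample-vault-key".utf8)
    do {
        try storeVaultKey(sampleKey)
        if let key = try loadVaultKey() {
            print("vault key released, \(key.count) bytes")
        } else {
            print("vault key missing or invalidated: require passphrase login")
        }
    } catch {
        print("keychain error: \(error)")
    }
}
```

The point to verify on a test device is the nil branch: after enrolling an alternate appearance in Settings, `loadVaultKey()` should return nil rather than prompting, at which point the app must demand the passphrase again. An app that stores its key with `.userPresence` or `.biometryAny` instead will keep prompting and unlocking for the newly enrolled face, which is the passcode-equivalent security the thread warns about.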



