Face ID sucks mainly because it doesn't fulfill all the use cases of the technology it's replacing (TouchID). It's a very bad thing for a security measure to only work under certain conditions, and then force you to use a "less secure" (passcode) method later on. This may not seem like a big deal, right up until you are in a bad situation and need it to work immediately, or until you have someone come into your life with malicious intent.
TouchID as a practice is better because it is virtually impossible to crack in the real world. However, public perception is quite the opposite, and I blame shows like NCIS. In them, they show fingerprint technology as if it's the easiest thing in the world to lift a clean print from someone's hand that will unlock their device. In reality, most people never leave more than partial fingerprints anywhere they go, or their fingerprints are usually mixed in with everyone else's. Someone would have to go through a lot of effort to obtain even one clean print that could be used to unlock your phone.
This should be obvious - fingerprints are secure because nobody knows what a particular one looks like, and they are virtually impossible to get a picture of in the real world. They're secure because each particular print pattern is a mystery, even to you. Most people could not pick out their fingerprint from a lineup. Also, they're not susceptible to "good enough" attacks, where (as in the case of close relatives or twins), the phone can't tell the difference using facial recognition technology. Fingerprints don't have that issue - even identical twins have unique prints.
With facial ID, it's (relatively) trivial for someone to set up HD cameras, hidden or not, that can capture enough detail and 3D data to accurately mimic someone's face. It's a bad thing when an average person like me can see a clear path to hacking your iPhone - use an old MS Kinect or two for depth perception, 2-3 HD cameras, and a 3D printer. Given that the phone relies on a "mathematical interpretation" of your 3D facial pattern, a hacker doesn't have to access the camera to fool the device into thinking its received the correct information - they just have to have a way to pass in the correct "mathematical" pattern, and with an accurate representation of your face on hand, they have a lot of time to get it right.
People are generally misinformed about data security because they assume an attacker is going after them personally. But with the setup I just described (which totals perhaps $5,000-$10,000 tops), a hacker could have their pick of thousands of people, and select the ones who they suspect or know have something valuable they want to steal.
This doesn't matter to you right up until you're just about ready to tap into some large savings account or get a large line of credit, only to discover that it was infiltrated by someone who had your biometric data (and consequently, all your other data). You do remember that Facebook (80 million), Mariott (383 Million), Target (70 Million), Equifax (143 million), Anthem health insurance (80 million) and literally hundreds of others have been hacked over the last decade, right? Every new "security" measure just gives hackers another vector to steal your identity. Even merely "storing it in the device only" doesn't do much good, because no hacker is going to tell Apple that they discovered a way to perform a man in the middle (or some other more sophisticated) hands-off attack. Every security measure is basically just a company pretending to secure your devices while (inadvertently or not) stockpiling a huge amount of information just ripe for the malicious attacker to mine.
Also, there's the issue of time, so-called "edge-case" convenience, and what UI designers might call a "persistent snag." Looking at your phone in bed in a dark room from an oblique angle is not an unusual edge case. But that causes FaceID to fail, forcing you to enter your code. We never get any more time added to our lives, and even if it only takes an additional couple seconds to enter a code, that adds up to minutes a week or even hours a year of your life spent trying to just get inside your phone. This is a persistent snag that is as annoying as a splinter, and has no place in a device that costs $1,000.
So! FaceID, for whatever convenience it does offer (and it obviously offers a decent amount or they wouldn't keep using it) fails to cover all the use cases of fingerprint ID's. It slows you down, even if you don't realize it. It's not as secure, it's not as convenient, it's not as reliable. So why are we being forced to use it again?