Firefox as an webauthn security device

[Mikaela]

I am not sure if this is a good idea or security risk or Nightly, so maybe this is a note to self instead of actually getting committed until further information is obtained?

• security.webauth.webauthn_enable_softtoken true for enabling support for it
• security.webauth.webauthn_enable_usbtoken false to disable support for USB security keys so the integrated one might work
• security.webauthn.ctap2 true I am not sure if it does anything currently, but in the future it should allow scanning QR from Android and iOS 16?
  • https://bugzilla.mozilla.org/show_bug.cgi?id=1530370

[Mikaela]

I wonder if I should add this as an extra section (like SSD or TTR) as regardless of potentially not being great, it improves usability of Gitea and especially GitLab.com which constantly logs me out for reasons unknown even without a VPN.

[Mikaela]

I think this is a bad idea.