Firefox has supported WebAuthn since version 60, which enables use of CTAP1 (FIDO U2F) devices as second factors. It will soon support CTAP2 (e.g., FIDO2) as well.
Since WebAuthn is our best technical defense against phishing as its known today, it should be made as simple as possible for end users to use that defense. I recommend enabling this as a default.
(This is in response to Bug 1594375 at Mozilla)