Add new setting to enforce WebAuthn and disable OTP for Enterprise Users

Proposal

Based on this new feature announced in 17.6 https://docs.gitlab.com/ee/user/profile/account/two_factor_authentication.html#disable-two-factor-authentication

It would be great to be able to force WebAuthn for all Enterprise Users within our organization. The feature above allows disabling both OTP and WebAuthn which I don't think we'd want to allow at the enterprise level. Enabling a way to force the most secure setting is the ideal outcome.