Remove/Disable QR Login

I believe that there have been a few posts about this over the years, but they never seemed to have gotten off the ground. While I'm personally of the opinion that the feature should be removed entirely, I understand that some people might want to use it for some reason.

At the minimum, I think the user should be able to opt-out of this feature, disabling it for their account. It would probably be the easiest solution to implement in the short term. Additionally, I'm of the strong opinion that QR login should not bypass Multi/Two-Factor Authentication (MFA/2FA), even if the user has it enabled, since it poses a huge security risk.