According to lcamtuf[1] how people move mouse and use keyboard are unique per person, it's your personal digital-fingerprint that can be transferred to track you elsewhere.
I could see using this for fraud detection and then kick off a 2FA flow if it couldn't verify.
However, most biometrics aren't the best single line of verification. You still have to add a backup verification of some kind.
Examples, I was working on my car all weekend and my hands have new calluses on them and my finger print is off. I got a new keyboard and my typing pattern is different, etc.
Unfortunately, it's not just JS, but several other indicators. In practice, if you don't use the Tor Browser, it's as if you decided to leave tracks everywhere, almost identifying yourself. Yet, this is not common knowledge among web users. These are the things that children need to be taught in schools. The society as a whole needs to be aware and learn how to protect itself.
That is victim blaming, just because you do not know that everybody out there is tracking you does not mean that you have decided to let them.
I agree that this is something people should be more aware of and school is a good place to start. However it is up to browser manufacturers to fix this, not users.
The comment says "it's as if" you are intentionally leaving traces everywhere. So, the effect is the same as doing it intentionally, not that users are to blame somehow.