Cookie autodelete is also worthwhile to prevent cookies from lingering unnecessarily.
The Resist fingerprinting and Third party isolation settings is also worth a try, it doesn't stop everything but it does prevent some of it. For usability I usually install the corresponding add-ons so I can toggle them with a button (these settings tends to break stuff).
LocalCDN may also help a bit by using local copies of commonly used resources.
I used to have an add-on that could spoof the font detection by making small random changes to font sizes, but it stopped working and I haven't found a replacement.
These tests are sketchy - I have been awarded 17.85 bits on this browser however 13.94 bits come from one line item:
> System Fonts Arial, Bitstream Vera Sans Mono, Bookman Old Style, Century Schoolbook, Courier, Courier New, Helvetica, Monaco, Palatino, Palatino Linotype, Times, Times New Roman (via javascript)
But as a Linux user, those are all mapped by Freetype (some to the same typeface) as many of those are copyright (? encumbered, not freely licensed) fonts:
$ for zzz in Arial "Bitstream Vera Sans Mono" "Bookman Old Style" "Century Schoolbook" Courier "Courier New" Helvetica Monaco "Palatino Palatino" Linotype Times "Times New Roman"; do fc-match "$zzz"; done;
LiberationSans-Regular.ttf: "Liberation Sans" "Regular"
.. 12 more lines of font replacement maps...
This website javascript test is measuring a heuristic, giving it a very high score (almost twice as high as anything else, "Hash of canvas fingerprint" is next) but that measurement is patently false compared to the real data. (it also reports no Ad Blocker used and I have uBlock-O fully enabled).
I am a lifelong EFF fan and supporter, but... well, if everyone (ad / tracker people) is using this code and set of techniques I'm better off not pointing out how wrong it is. :)
It's almost like how Airwolf used to toss out chaff left and right to escape the bad guys, I have Earnest Borgnine in the back going "Why can't we hover like regular helicopter people?" as Firefox tosses out fake font results to Javascript sniffers.
At the most extreme using Tor Browser and its defaults maximises privacy for any general loginless browsing.
If you're logging into services with accounts then a mix Firefox containers, uBlockOrigin, ClearUrls and Smart Referer provides pretty decent privacy.