don't prompt for FIDO passphrase before attempting to enroll the

don't prompt for FIDO passphrase before attempting to enroll the
credential, just let the enroll operating fail and we'll attempt
to get a PIN anyway. Might avoid some unneccessary PIN prompts.

Part of GHPR#302 from Corinna Vinschen; ok dtucker@