Many many years ago, I did some work for the NHS. As part of that, I was given access to certain GitHub organisations so that I could contribute to various projects. Once I left that job my access was revoked. Mostly. A few weeks ago, I received this email from GitHub. On the surface, this is a sensible email. They want all their members to only have strong 2FA and I still had SMS configured …