June 30, 2021
5:06 a.m.
Just for interest, I noticed a failed login attempt to my Github account about two hours ago, originating in Toronto.
That's the first fishy thing Github's security log ever showed for my account.
I do have 2FA enabled there now, so I'm not worried.
Coincidence? About a week after I enabled 2FA for my Microsoft account, that _also_ notified me for the very first time of a failed login attempt.
Maybe the NSA tracks when people enable 2FA, and after about a week gets around to making sure they can still break in ;-)