Even if you read the privacy policy, there is no guarantee that the company actually adheres to it.
These all work great for me:
qwant.com
startpage.nl
ecosia.org
2 factor authentication is not about security. It is about forcing open source developers to identify themselves by providing a phone number or other similar information.
Do not use Github. Microsoft corrupted it.
Do not use GitHub. This should be the final straw.
Even if you read the privacy policy, there is no guarantee that the company actually adheres to it.