I have a Giffgaff SIM for this reason. The expiry is 6 months and I have remembered to use it within that period so far. Not ideal but I would imagine you need a 2FA code more regularly than that.

I wonder if used with a smartphone (mine is in a dumb Nokia) whether you can automated a SMS send or outgoing call once every month or something?

You could avoid using SMS for 2FA. Most websites offer TOTP as first choice for 2FA. For the ones that insist on SMS 2FA being first choice, I don't bother using anymore. I delete the account and find another provider.

"most websites" has not been my experience at all. Sure, for the big ones like email that's and a lot of dev tooling that's the case. But there's a huge amount of services that requires SMS verification and once you loose access to that number you get locked out. A very common case is loosing ones phone (or having it stolen), at which point you have to log into your accounts again from another device but also don't have access to your SIM anymore.

Funnily Google suite does not offer TOTP with Google authenticator… Unless you use SMS/Voice 2FA first… and then you can activate TOTP, I asked if I can then remove the phone number later, and was told that it is possible, and that they won’t use this number for anything in the future. But who knows…

The NHS requires SMS 2FA - can't get around that.

I’ve moved my mobile number to voip using https://www.aa.net.uk/voice-and-mobile/number-porting/mobile... and receive all text messages via mail. Use it for call forwarding when I’m abroad to avoid roaming charges, also sim swap attack seems less possible?

I did that a few years ago but have been finding that every year more and more websites are recognizing the number as VoIP and refuse to send SMS to it.