Yeah, that’s a fair point

Just for the record: Google Authenticator implements an algorithm that is a public standard.

Note that Google Authenticator is just one example – there is a standard behind that called TOTP and all these Authenticator apps are compatible. Also, Google Authenticator does not contact Google servers, it’s entirely offline.

Edit: Ninja’ed by @michaeld