Yeah, that’s a fair point
Just for the record: Google Authenticator implements an algorithm that is a public standard.
Note that Google Authenticator is just one example – there is a standard behind that called TOTP and all these Authenticator apps are compatible. Also, Google Authenticator does not contact Google servers, it’s entirely offline.
Edit: Ninja’ed by @michaeld
