The big risk of Google authenticator seems to be if people have their gmail compromised and Google authenticator is synced with their Google account then the 2FA is useless due to a single point fo failure. 

 Very true.  This stuff is so challenging… finding the right blend of security, ease of use, and privacy from the tech overlords. 

 Ente Authenticator is the only one I’ve found that checks all the boxes. 

cross-platform, open source, and end-to-end encrypted backups