I don't see people mention this enough, but iCloud Keychain generates TOTPs. I've been migrating all of my accounts slowly to just use the built-in Apple Passwords functionality.
Additionally, iOS 18 will introduce a Password app making the functionality easier to discover. People are still surprised to learn that iOS has built in TOTP support, but it's just buried deep in the settings.
BTW, there's a hack you can do to create an iOS Password app in iOS 17 and below by using Shortcuts to launch the deep linked setting directly.
Indeed, I don't understand why people's reactions to not liking and being trapped by a lock-in walled garden strategy (Authy) is to switch to another lock-in walled garden strategy (Apple).
I trust no corporate entities, and try to minimize my exposure, but I agree it makes some sense. Apple is too big/public to screw around with making a quick buck by changing terms. They are also likely to have significantly better security posture on every aspect of application development and distribution.
How much stringency does a code/platform change get at Authy vs Apple? However, once you are in the Apple walls, they are just as ruthless at keeping you locked inside, which is why I try to minimize my dependencies where possible.
If a single remote service can lock you out of your 2FA accounts then you failed with your backup policy. I don't use it, but Apple Passwords makes TOTP secret backups possible, via bulk export and initial key setup.
In Safari, right click on TOTP QR codes.