My first impulse after ruling out Google Authenticator was to simply switch to Microsoft's Authenticator app (which I already had to use for a work-related thing anyway), thinking "of course MS would not make the same stupid mistake". Turns out they would, and they did. So alternatives from smaller vendors were the only option. In evaluating them, I focused on popular open-source solutions that had the features I deemed important (notably, local backup), and looked into the history, provenance and reputation of their vendors. Nevertheless, some risk will always remain.