The algorithm is the same. The website provides a shared secret key, which you scan in the form of a QR code when you set it up for the first time. The authenticator uses that key, along with the current time, to generate a code. The website does the same thing to see if the code matches.
that is a heavy argument, I must admit. Well I see, that I learned something new today and I'll give it a try, thank you guys for this info
it is interesting to find something new and useful