- 2FA application: Either Aegis Authenticator[1] or andOTP[2] - both of them are free and open source applications. There was a discussion on HackerNews[3] about Aegis where the top comments ended up comparing it to andOTP (which has been alive for more time than Aegis). Both of them also allow you to export an encrypted .json file that could be imported in the respective app (or others) in the event of you losing your device.
Good thing about andOTP app is that it can work even on very old smartphones, this is only option that still works with below Android 5.
It works even offline without internet connection, and I suggest making offline backup whatever app you use, but I know people are using keepass for backup.
I trust any of this options much more than any cloud service.