In my experience, when I have to use some 6 digit pin to log in to, say, my internet banking, or some other service which requires 2FA; the PIN itself always seems "catchy".
Example PINs include:
232323888666120130112211228229
Is this my brain trying to find patterns, or is their generation somehow done in such away which prefers "catchy" PINs (to make them easy to remember when typing them in)? It feels like I never get a truly "random feeling" PIN like 703926 (say).
Yes. The numbers generated internally are actually fully random 31-bit integers which then get reduced $\bmod 10^6$ yielding a bias of less than $2^{10}$ to small values (the bias gets slightly worse for 7 and 8 digits).
Details
The actual details are in RFC 6238 (TOTP) which esstially just invokes HOTP (RFC 4226) with a conversion of the current time in seconds (since epoch) into the number of time steps (since epoch). HOTP then essentially computes $\operatorname{HMAC-SHA1}(K,C)$ using a fixed shared key between you and the service and using the counter value $C$ as derived from the time. This yields a 20 byte random value (assuming HMAC-SHA1 is a PRF which is a pretty weak and still true assumption). From these 20 random bytes 31 random bits are extracted in an non-straightforward (and security-wise useless) way. Then these 31 bits are treated as a normal 32-bit integer by your processor (with the top bit cleared to avoid wonkiness in the modular reduction) and reduced modulo $10^6$ yielding the displayed number.
Applying a PRF keyed with a random key to a not before queried value yields a freshly random value (if not the PRF assumption would be broken). Extracting the 31 bits is (hopefully) done in a way that preserves as much entropy as possible (i.e. 31 bit). Reducing a 31-bit value $\bmod 10^d$ then introduces a small bias towards the low $2^{31}\bmod 10^d$ values by about $10^d/2^{31}$ which is small enough for all standardized values of $d\in\{6,7,8\}$ - especially given the fact that we only have 31 bits to work with here.