0
As far as I noted google's application specific passwords could be used to access for example, my Gmail, but from another email client (not web ui). So what is the point to use them then?
Also, does Google's 2-step authentication protects from cookie stealing? I mean, if someone steal my google cookies, will he be able to login to my Google Account?
1But does attacker able to change my Google Account password by using application specific password? – Paul Podlipensky – 2012-01-18T00:03:44.640
No. I just tried using an App password to change my Account password and got the error 'Password is incorrect' – OrangeBox – 2012-04-24T05:29:55.597