I implemented Google's two factor authentication about three weeks ago. It's mostly working, but there are a few issues:
- Application-specific passwords are risky.
- You can't de-authorize a computer from Google Accounts.
- Authentication isn't working quite right with Google.app on the iPhone.
- I've had to create more application-specific passwords than I'd expected
The big positive is that with two-factor and https I'm now willing to connect with an untrusted machine. By untrusted I machine a machine that has a reasonable chance of hosting a keystroke logger. That means any machine running XP and any machine I don't control. My work laptop, for example, is doubly untrusted.
A second bonus is that I'm now more comfortable with using my Google account as an OpenID/OAuth server.
The biggest problem is application-specific passwords. They behave like regular passwords, so if a keystroke logger captures the password one it can be used to, say, get access to your email from OS X Mail.app.
You really, really, really do not want to use an application-specific password on an untrusted machine. Google should provide more warning about their use. I use them on my iPhone and and my home Mac.
Use of application-specific passwords on an iPhone is a PITA. You can't generate these from an iPhone and they're a nuisance to type in. I've stored one in the encrypted 1Password database I use on my iPhone for reuse only on that device. (I'm taking this risk since if my iPhone is stolen and the 1Password database is hacked I'm in a world of pain anyway.)
Having this password on my iPhone is particularly important because Google.app's current behavior is obnoxious. In my case I entered a application-specific password and authenticated. Subsequently other iPhone Google App references (example desktop shortcut to Google Reader) requested a Google account password, not an Authenticator password and not an application-specific password. Every two weeks or so, however, Google.app makes me enter a NEW application-specific password.
The second shortcoming is that there doesn't seem to be a way to easily de-authorize a computer. When you first connect to a Google account from a new machine you're asked to enter your Google password . Then, if you're using Authenticator.app, you're asked to enter your Authenticator token. At that point, if the machine authenticates, there's an option to authorize it for a month.
There should be a way to reverse that decision from your Google account. For example - what if the machine is lost? What if, as in my case, you make that choice from an untrusted machine and decide it was a bad idea? (In theory deleting cookies will undo this, but, perhaps due to user error, that didn't work for me. Of course that also requires physical control of the machine.) For now, be careful to only "authorize" your primary, secured, non-portable, home machine.
Lastly I've found I needed around 8-14 application-specific passwords, even when I reuse one - such as for IMAP and SMTP authentication from OS X Mail.app. There's no way around this one -- I use a lot of Google services from many devices and accounts.
Overall I'm pleased with Google's two factor authentication. They've given it a lot of thought, and I love that they've open sourced key parts of the infrastructure. We needed this years ago, but I'm grateful to have it at all.
 At that point, on a keystroke logger infected machine, your Google password is public knowledge. That's why I was willing to simplify my Google password. I now assume it is public, though I obviously haven't made it public.