Google's 2-step verification is (almost) the spawn of Satan - iPhone upgrade edition

Two months ago I decided Google's 2-step verification was an incomplete mess unsuitable for use by non-geeks.

Today I decided it's the spawn of Satan.

This is what happens if you refresh an iPhone running Authenticator - either a new phone or restore from backup

1. Restore iPhone from backup
2. Authenticator settings gone
3. Per directions to account page for 2-step verification settings.
4. Discover, despite 30 day authorization, my computer wants authenticator token today.
5. Fortunately, I have my old phone. That works.
6. Realize that there's no support for authenticating a new phone. Ok, I'll just turn off the iPhone ...
7. Get the QR code. That works ... but
8. All the friggin' application specific passwords are gone -- all revoked.

Do you know how friggin' long it takes to enter all those application specific passwords across multiple machines and operating systems?! Can I scream now?!

Friends don't let friends use 2-step verification.

Update: A few minutes later and, for now. I see my (not) application-specific passwords and they still seem to work. So only almost the spawn of Satan. Google needs a workflow to support migrating from one iPhone to another.

See also:

• Gordon's Tech: Implementing Google's two factor authentication - early days
• Gordon's Tech: The massive security hole in Google two factor authentication - problems
• Gordon's Tech: Making the most of Google's alternative "2-step" verification model - more problems
• Gordon's Tech: Google Chrome sync does not work with 2-step verification - still more problems