It's bizarre. Why is a Google app using an application specific password instead of your authentication code? The only reason an app should not use the two factors is if it's some legacy protocol that only takes a single userid/password pair. WTF.
Google's own apps should really support 2-factor auth, and they should improve the flow for app-specific passwords.
The flow for getting an app-specifc password is awful. It takes a large number of clicks (I think 7, but I lost count), and several of the pages are confusing. Not only that, but you have to enter your password and a name of the app. Ideally, it would be a reduced number of clicks (like 2–3), entering your password, and that's it. Adding a name for the app should be optional. My apps all have names like “alsjdlajshd” or “9”, because I'm impatient, and the likelihood that I'll ever need to invalidate one is low enough that I would be okay with just invalidating them all.