With the recent focus on security (caused by some major issues with large companies) Google has responded by reinforcing their 2-Factor Authentication method. Thankfully, there's a way you can implement that functionality in your applications too using the information in this tutorial (note: the date of posting is older, but it's definitely relevant now).
Many large web services nowadays support 2-step verification to enhance the security for their users. [...] The main point about 2-step verification is that something else than your computer provides that token. If it's on your computer and that one gets stolen (or hacked into), it won't help much for the additional security. That's why you need a second device for those tokens.