One thing I wish that Google would allow is for me to select what service my 1 app password can be used with. For example, I can create a new password that only allows access to IMAP and SMTP for example, but won't allow the attacker to log in to Google Talk...
