Sometimes you’re going to run across an application that uses the Google API, but for whatever reason does not support 2-factor authentication. Google has wisely built an infrastructure for such incidents. In your security settings, you can create “burner” passwords that can be used for specific applications. You typically don’t need to remember or write down these passwords because they are persistent on the device accessing Google, only accessible to one application, and can easily be exchanged for a new code if ever compromised. To get one of these passwords, head over to http://myaccount.google.com/security
If you’ve never used this section of Google before, it would be beneficial to take a couple of minutes to familiarize yourself with the options available before proceeding. When you’re ready, scroll down to “Signing in to Google” under the “Sign-in & security” section.
In the screenshot above, you can see the “App passwords” heading on the bottom-right. Click this section and you will likely be prompted to enter your Google password again before accessing the app passwords section.
The following page will present you with a list of applications using specific passwords. To create a new password, just select the appropriate options from the drop-down menus and click “Generate”. You’ll be presented with a 16-character password that you can use to log in persistently with a particular application (such as Outlook or Apple Mail). If the password is ever compromised, you can simply click the “Revoke” button and the password is burned forever.