Android Password Recovery + 2 Step Auth. What happens?

I recently enabled two-step auth for my Google account, and I'm happy to say it works fine. However: - Application specific passwords, like for Android are temporary, and the guide makes it obvious that you aren't supposed to write them down or save them anywhere. - When someone fails to unlock a password protected Android phone too many times, it allows the user to connect to a WiFi network and login with his/her Google account. - How does this apply to an account with two-step auth? Has anyone had this sort of an issue before? Is generating a new app-specific password enough?