Why doesn't gnome-online-accounts accept a Google "application specific password"?

I use 2-step verification with Google, so when giving permission to gnome-online-accounts to access my Google account, I have to type in the authentication code as well. That's just fine, it's how things are supposed to work.

However, every so often my login would be reset and I'd need to re-enter everything. So, I tried to create an application specific password for use with gnome-online-accounts, but it won't accept it; it's telling me to use my account password instead.

Anyone knows why that is or--more importantly--if there's any way of changing the way it works, or otherwise save my Google-credentials with gnome-online-accounts under 2-step verification?


Solution 1:

This seems to be a bug. And from what I read, it looks like there is a workaround for Gnome 3.8.

Are you using 2-factor authentication with Google? If you are, then it is better not to use GOA at the moment.

The problem is that in 3.6 we use CalDAV for Google Calendars, which does not work with OAuth tokens, only with passwords. Neither does GTalk, which needs OAuth2.

We have partly solved the problem for 3.8, by migrating our Google provider to use OAuth2. This takes care of GTalk, but the problem with calendars remain.

Google does have plans to support OAuth2 with CalDAV, but not sure when that will be available more widely. Or you can write and maintain a libgdata based backend for E-D-S till that happens.

This is only about Google.

For complete info, see GNOME Bug 688364

Solution 2:

No I don't know, but I do know with gnome 3.8 and ubuntu 13.04 there is an issue, see:

http://kparal.wordpress.com/2012/12/03/gnome-3-6-gnome-online-accounts-and-google-two-factor-authentication/

perhaps this helps.