I'm a fan of being secure, so naturally I decided to turn on two-factor authentication for my Google account. Essentially what this means is that every time you access your Google account from a new computer or other device for the first time you will need to enter a code that is sent to your mobile phone as an SMS (or you can install an app to generate the codes yourself). (You will need to reauthorise devices every 30 days — there's also an option to have the authentication expire early.)
However, I (and a lot of other people judging from a quick Web search) encountered a problem with my Android phone after enabling two-factor authentication: The Gmail app wouldn't let me log in, and I couldn't find any option to get Google to send me an authentication code for the app (the mobile Gmail site still worked fine after obtaining a code).
It turns out the solution is simple. The reason the problem happens is, as Google notes (and as I completely ignored when switching on the two-factor authentication option), not all Google apps are compatible with the system yet. However, Google offers the option of using a browser to generate a special application-specific password.
Simply go to your Google account settings, and select the option to edit your two-factor settings. Then select the option 'Manage application-specific passwords'. This will prompt you two enter a name for the device you're authorising (in my case my HTC Desire HD Android phone). You can then generate a random password that will let you use the Android Gmail app. (You can also revoke access from the same interface.)