Google has an extended level of security which can protect your Google account against malicious threats. This is called 2-Step Verification. It works with a secondary password/numeric value which is generated using a Google mobile application which can be installed in your Android phone. Whenever you login into a Google application using your email address and password, the secondary verification value is requested. This verification code should be generated using the Google mobile authentication application and entered to login. As I noticed this generated value has some relation to the current time. Therefore it is only valid for certain time period. This technology is very much similar to HSBC internet banking token authentication system.
As it is always said in computer security, additional security measures in software applications introduce more hassle for the user. Similarly when Google 2-Step Verification is enabled you will need to generate application specific passwords for each Google application you use in various devices. The reason for this is that for some applications they need to have your credentials saved to work in the background (Ex: GMail in Android). However applications like Google Chrome let you save 2-Step Verification Code for a month. What happens if you lose your phone? A good question, Google generates you another set of passwords which should be written down some where safe to recover your account in case if you lose your phone.