Assuming you have registered your device with Google 2-step Verification, what information does it use to verify that you are on that device when you come back to the website?
Does it store something on your computer (like a cookie), or does it use some other algorithm to determine where you are logging in from?
Just a quick follow-up on this question. A lot of people continue to view this question, but surprisingly, there hasn't been a good answer posted.
Since the original post, I did a lot of research to find out what technologies are used to determine a unique device, and I finally stumbled across the panopticlick project.
This website answered a lot of questions because it showed the exact metrics that a website can use to fingerprint your browser. Using this methodology, a site can really narrow down the exact device that you use to connect to a service, and therefore make it much easier to validate a 2-step verification.
Hopefully this helps someone trying to implement 2-step on your site.