I've always thought the key premise of the google password system, is if something goes wrong, such as my phone being stolen, I could hit 'sign out of all other sessions' and change my password on a desktop, and the phone would largely lock up until it recieved the correct password. Doesn't that make a lot of sense? My phone notifies me it has a sign in error, but lazily allows the user to still browse every email and the rest of the personal information that already exists on the phone.

This half-security baffles me.