diff --git a/.devcontainer/requirements-dev.txt b/.devcontainer/requirements-dev.txt
index 21f1f694..2aa9d847 100644
--- a/.devcontainer/requirements-dev.txt
+++ b/.devcontainer/requirements-dev.txt
@@ -20,7 +20,7 @@ aiofiles
 injector
 autopep8
 colorlog
-ptvsd
+debugpy
 google-cloud-logging
 google-cloud-firestore
 aiohttp-jinja2
diff --git a/LOCAL_AUTH.md b/LOCAL_AUTH.md
index 5954d386..39e48db2 100644
--- a/LOCAL_AUTH.md
+++ b/LOCAL_AUTH.md
@@ -1,49 +1,45 @@
-# Notice 3/16/2022
-Because of [recent changes Google has made](https://developers.googleblog.com/2022/02/making-oauth-flows-safer.html#dates-oob) to its authentication backend the below instructions no longer work.  I'm aware of the issue, have a workaround selected and am working toward implementing it.  In the meantime using your own credentials is not available and the only way to authenticate the addon is using the big "Authenticate with Google Drive" button which sends credentials through the habackup.io domain.
-
-
-# Local Authentication
-You've arrived here because you'd like to use your own client ID and client secret to authenticate the add-on with Google Drive.  I'll caution that this is a very detailed and complicated process geared more toward developers than end users, so if you'd like to do it the easy way, go back to your add-on (typically http://homeassistant.local:8123/hassio/ingress/hassio_google_drive_backup) and click the "Authenticate with Google Drive" button.  These instructions will have you create a project on Google's Developer Cloud console, generate your own credentials, and use them to authenticate with Google Drive.  You can expect this to take about 15 minutes.  Typically this is what would be done by a developer when releasing a project that serveral users would use, but in this case you will be the only user.  This workflow is for you if:
-* You'd like to avoid having your account's credentials go through a server maintained by me.  The typical authentication workflow never sees your Google account password, but it does recieve a token from Google that, if I were malicious, I could use to see the backups you've uploaded to Google Drive.  I don't store this token anywhere and instead just pass it back to you, but becase of how Google oauth tokens are generated there is no way you could verify that.  I tip my tinfoil hat to yours and respect your desire to protect your personal information :)
-* The typical authentication flow didn't work.  This may be because of a bug, or because the server I set up to handle it is down or broken.  Its just me back here providing this as a free service to the community, so applogogies if things fall into disrepair.
-
-These instructions are current as of March 2021.  If you do this and notice they're out of date, Please file an issue on this project's issue page so I can be made aware of it.  Thanks!
-
-## Step 1 - Create a Google Cloud Project
-* Go to http://console.developers.google.com and log in with your Google account.
-* Click "Select Project" on the top left.
-* Click "New Project" to create a project.
-* Give the project any name you like, and click "Create Project".  Don't worry about billing or location information, you won't be charged for anything we're doing here.
-![](images/step1.png)
-
-## Step 2 - Enable the Drive API
-With your project now created:
-* Go to https://console.developers.google.com/apis/library
-* Search for "Google Drive API", and click "Enable".  This is necessary because the "Project" you're creating will use the [Google Drive API](https://developers.google.com/drive/api/v3/reference). 
-
-## Step 3 - Create a Consent Screen
-Before creating credentials, you'll need to create a consent screen.  Normally this is what people would see when they request to allow your new application to access their Google Drive, but because you're creating it just for yourself this is basically just a necessary formality.
-* Go back to http://console.developers.google.com and ensure the project name you created earlier is displayed in the upper left.
-* In the menu on the upper left, click **APIs & Services** then *OAuth Consent Screen*.
-* Select *External* for the user type and then click "Create".  Even though you're probably making these credentials with the same account you'll be using to authenticate the addon, you'll still be considered an *External* user.  
-* On the next screen "App Information", fill in all the required fields, *App Name*, *Support Email*, and *Developer Email*.  Then click Continue.  What you enter here doesn't really matter, but a good App Name is something that will make you laugh if you ever have to see this again, like "Buy the name-brand SD Card this time, maybe?"
-* On the next screen, click **Add OR Remove Scopes**.  In the dialog that pops up check the box for "../auth/drive.file" and then click "Add".  You might have to search for "drive.file" to make it show up.  This part is very important since it gives the credentials we're about to create permission to see files in Google Drive.  If you don't see this in the dialog that comes up, make sure you did step 2.
-* You can leave the rest of this form blank, just click **Save**  or **Continue** for any other screens.
-* Once its created, either click **Go Back to Dashboard** or click **OAuth Consent Screen** on the left.  Under **Publishing status** click **Publish App** and then **Confirm**.  This dialog will warn that the app will be available to all users, but in our case it will still only be you if you keep the credentials you create later just to yourself.  This step is necessary because "Testing" credentials would require you to manually re-authorize the addon ever 7 days, which is a pain.  
-
-## Step 4 - Create Credentials
-Now you've set up everything necessary to actually create credentials.
-* From http://console.developers.google.com, click **APIs & Services** then **Credentials** on the left.
-* Click **+ Create Credentials** at the top of the page.
-* Select "OAuth client ID" form the drop down.
-This should have opened a dialog titled "Create OAuth client ID".
-![](images/step3-b.png)
-* Select **Desktop app** for **Application Type**
-* Give the credentials a **Name**, anything will do.
-![](images/step4.png)
-* Click "Create"
-
-
-## Step 5 - Copy your credentials
-This should have opened a new dialog with your generated client ID and client secret.  Take these back to the Add-on, and paste them into the appropriate fields of the add-on web-UI, and follow the instructions from there.
-![](images/step5.png)
+# Using Custom/Personal Google Credentials
+You've arrived here because you'd like to use your own client ID and client secret to authenticate the add-on with Google Drive.  I'll caution that this is a very detailed and complicated process geared more toward developers than end users, so if you'd like to do it the easy way, go back to your add-on (typically http://homeassistant.local:8123/hassio/ingress/hassio_google_drive_backup) and click the "Authenticate with Google Drive" button.  These instructions will have you create a project on Google's Developer Cloud console, generate your own credentials, and use them to authenticate with Google Drive.  You can expect this to take about 15 minutes.  Typically this is what would be done by a developer when releasing a project that serveral users would use, but in this case you will be the only user.  This workflow is for you if:
+* You'd like to avoid having your account's credentials go through a server maintained by the developer of this addon.  The typical authentication workflow never sees your Google account password, but it does recieve a token from Google that, if I were malicious, I could use to see the backups you've uploaded to Google Drive.  I don't store this token anywhere and instead just pass it back to you, but because of how Google OAuth tokens are generated there is no way you could verify that.  I tip my tinfoil hat to yours and respect your desire to protect your personal information :)
+* The typical authentication flow didn't work.  This may be because of a bug, or because the server I set up to handle it is down or broken.  Its just me back here providing this as a free service to the community, so applogogies if things fall into disrepair.
+
+These instructions are current as of March 2022.  If you do this and notice they're out of date, Please file an issue on this project's issue page so I can be made aware of it.  Thanks!
+## Step 0 - Check addon version
+You must be runnign version 0.106.1 or greater of the add-on for this to work.  In Feb 2022 Google changed how some of their authentication APIs work which broke the way the addon did it before that version
+## Step 1 - Create a Google Cloud Project
+* Go to http://console.developers.google.com and log in with your Google account.
+* Click "Select Project" on the top left.
+* Click "New Project" to create a project.
+* Give the project any name you like, and click "Create Project".  Don't worry about billing or location information, you won't be charged for anything we're doing here.
+![](images/step1.png)
+
+## Step 2 - Enable the Drive API
+With your project now created:
+* Go to https://console.developers.google.com/apis/library
+* Search for "Google Drive API", and click "Enable".  This is necessary because the "Project" you're creating will use the [Google Drive API](https://developers.google.com/drive/api/v3/reference). 
+
+## Step 3 - Create a Consent Screen
+Before creating credentials, you'll need to create a consent screen.  Normally this is what people would see when they request to allow your new application to access their Google Drive, but because you're creating it just for yourself this is basically just a necessary formality.
+* Go back to http://console.developers.google.com and ensure the project name you created earlier is displayed in the upper left.
+* In the menu on the upper left, click **Enabled APIs & Services** then *OAuth Consent Screen*.
+* Select *External* for the user type and then click "Create".  Even though you're probably making these credentials with the same account you'll be using to authenticate the addon, you'll still be considered an *External* user.  
+* On the next screen "App Information", fill in all the required fields, *App Name*, *Support Email*, and *Developer Email*.  Then click "Save & Continue".  What you enter here doesn't really matter, but a good App Name is something that will make you laugh if you ever have to see this again, like "Buy the name-brand SD Card this time, maybe?"
+* On the next screen, click **Add OR Remove Scopes**.  In the dialog that pops up check the box for "../auth/drive.file" and then click "Update".  You might have to search for "drive.file" to make it show up.  This part is very important since it gives the credentials we're about to create permission to see files in Google Drive.  If you don't see this in the dialog that comes up, make sure you did step 2.
+* You can leave the rest of this form blank, just click **Save**  or **Continue** for any other screens.
+* Once its created, either click **Go Back to Dashboard** or click **OAuth Consent Screen** on the left.  Under **Publishing status** click **Publish App** and then **Confirm**.  This dialog will warn that the app will be available to all users, but in our case it will still only be you if you keep the credentials you create later just to yourself.  This step is necessary because "Testing" credentials would require you to manually re-authorize the addon ever 7 days, which is a pain.
+
+## Step 4 - Create Credentials
+Now you've set up everything necessary to actually create credentials.
+* From http://console.developers.google.com, click **Enabled APIs & Services** then **Credentials** on the left.
+* Click **+ Create Credentials** at the top of the page.
+* Select "OAuth client ID" form the drop down.
+This should have opened a dialog titled "Create OAuth client ID".
+* Select **TVs and Limited Input Devices** for **Application Type**.  Home Assistant might not seem like a "Limited Input Device" but is is necessary because its the only OAuth authentication method Google provides that doesn't require you to maintain a public SSL encrpted web service. 
+* Give the credentials a **Name**, anything will do and it doesn't matter.
+![](images/step4.png)
+* Click "Create"
+
+
+## Step 5 - Copy your credentials
+This should have opened a new dialog with your generated client ID and client secret.  Take these back to the Add-on, and paste them into the appropriate fields of the add-on web-UI, and follow the instructions from there.
+![](images/step5.png)
diff --git a/README.md b/README.md
index 3d070860..50c5d51f 100644
--- a/README.md
+++ b/README.md
@@ -35,7 +35,7 @@ This addon has been featured by %YOUR_FAVORITE_HA_YOUTUBER% and is often listed
 >[<img src="images/patreon-button.svg" width=150/>](https://www.patreon.com/bePatron?u=4064183)
 
 ### Detailed Install Instructions
-1. Navigate in your Home Assistant frontend to <kbd>Supervisor</kbd> -> <kbd>Add-on Store</kbd>.
+1. Navigate in your Home Assistant frontend to <kbd>Configuration</kbd> -> <kbd>Add-ons, Backups & Supervisor</kbd> -> <kbd>Add-on Store (Bottom Right)</kbd>.
 
 2. Click the 3-dots menu at upper right <kbd>...</kbd> > <kbd>Repositories</kbd> and add this repository's URL: [https://github.com/sabeechen/hassio-google-drive-backup](https://github.com/sabeechen/hassio-google-drive-backup)
 
diff --git a/hassio-google-drive-backup/CHANGELOG.md b/hassio-google-drive-backup/CHANGELOG.md
index 89c3b82b..ca0d273e 100644
--- a/hassio-google-drive-backup/CHANGELOG.md
+++ b/hassio-google-drive-backup/CHANGELOG.md
@@ -1,3 +1,12 @@
+## [0.106.1 2022-3-21]
+### Fixes
+* Updates the mechanism for using custom/personal Google API credentials to work with Google's newer APIs
+* Fixes a problem that prevented loading backups from Google Drive -> Home Assistant through the Nabu Casa remote UI
+
+### New
+* Added the ability to delete any "ignored" snapshots after a certain age.
+
+
 ## [0.105.2 2021-9-7]
 ### Fixes
 * Include addon version number in the path component of static resources in an attempt to resolve [issue #466](https://github.com/sabeechen/hassio-google-drive-backup/issues/466).  Special thanks to [@stigvig](https://github.com/stigvig) and [@loomyr](https://github.com/loomyr) for helping me dig into this.
diff --git a/hassio-google-drive-backup/DOCS.md b/hassio-google-drive-backup/DOCS.md
index a1d0f030..8b792675 100644
--- a/hassio-google-drive-backup/DOCS.md
+++ b/hassio-google-drive-backup/DOCS.md
@@ -10,7 +10,7 @@ _Note_: The configuration can be changed easily by starting the add-on and click
 The UI explains what each setting is and you don't need to modify anything before clicking `Start`.
 If you would still prefer to modify the settings in yaml, the options are detailed below.
 
-Add-on configuration example. Don't use this directly, the addon has a lot of configuration options that most users don't need:
+Add-on configuration example. Don't use this directly, the addon has a lot of configuration options that most users don't need or want:
 
 ```yaml
 # Keep 10 backups in Home Assistant
@@ -25,6 +25,9 @@ ignore_other_backups: True
 # Ignore backups that look like they were created by Home Assistant automatic backup option during upgrades
 ignore_upgrade_backups: True
 
+# Automatically delete "ignored" snapshots after this many days
+delete_ignored_after_days: 7
+
 # Take a backup every 3 days
 days_between_backups: 3
 
diff --git a/hassio-google-drive-backup/backup/config/__init__.py b/hassio-google-drive-backup/backup/config/__init__.py
index cf94d55b..ccee27f7 100644
--- a/hassio-google-drive-backup/backup/config/__init__.py
+++ b/hassio-google-drive-backup/backup/config/__init__.py
@@ -5,4 +5,5 @@
 from .boolvalidator import BoolValidator
 from .startable import Startable
 from .listvalidator import ListValidator
+from.durationasstringvalidator import DurationAsStringValidator
 from .version import Version
diff --git a/hassio-google-drive-backup/backup/config/config.py b/hassio-google-drive-backup/backup/config/config.py
index 8fd80f0d..38e3d644 100644
--- a/hassio-google-drive-backup/backup/config/config.py
+++ b/hassio-google-drive-backup/backup/config/config.py
@@ -33,6 +33,7 @@
     Setting.SUPERVISOR_URL,
     Setting.TOKEN_SERVER_HOSTS,
     Setting.DRIVE_AUTHORIZE_URL,
+    Setting.DRIVE_DEVICE_CODE_URL,
     Setting.DEFAULT_DRIVE_CLIENT_ID,
     Setting.NEW_BACKUP_TIMEOUT_SECONDS,
     Setting.LOG_LEVEL,
diff --git a/hassio-google-drive-backup/backup/config/durationassecondsvalidator.py b/hassio-google-drive-backup/backup/config/durationassecondsvalidator.py
deleted file mode 100644
index 404e9938..00000000
--- a/hassio-google-drive-backup/backup/config/durationassecondsvalidator.py
+++ /dev/null
@@ -1,29 +0,0 @@
-from datetime import timedelta
-from .durationparser import DurationParser
-from .validator import Validator
-
-
-class DurationAsSecondsValidator(Validator):
-    def __init__(self, name, minimum=None, maximum=None):
-        super().__init__(name)
-        self.min = minimum
-        self.max = maximum
-
-    def validate(self, value):
-        if value is None or (type(value) == str and len(value) == 0):
-            return None
-        try:
-            if type(value) == str:
-                value = DurationParser().parse(value).total_seconds()
-            value = int(value)
-        except ValueError:
-            self.raiseForValue(value)
-
-        if self.max is not None and value > self.max:
-            self.raiseForValue(value)
-        if self.min is not None and value < self.min:
-            self.raiseForValue(value)
-        return value
-
-    def formatForUi(self, value):
-        return DurationParser().format(timedelta(seconds=value))
diff --git a/hassio-google-drive-backup/backup/config/durationasstringvalidator.py b/hassio-google-drive-backup/backup/config/durationasstringvalidator.py
new file mode 100644
index 00000000..8df5a3a0
--- /dev/null
+++ b/hassio-google-drive-backup/backup/config/durationasstringvalidator.py
@@ -0,0 +1,37 @@
+from datetime import timedelta
+from .durationparser import DurationParser
+from .validator import Validator
+
+
+class DurationAsStringValidator(Validator):
+    def __init__(self, name, minimum=None, maximum=None, base_seconds=1, default_as_empty=None):
+        super().__init__(name)
+        self.min = minimum
+        self.max = maximum
+        self.base_seconds = base_seconds
+        self.default_as_empty = default_as_empty
+
+    def validate(self, value):
+        if value is None or (type(value) == str and len(value) == 0):
+            return None
+        try:
+            if type(value) == str:
+                if self.default_as_empty is not None and value == "":
+                    value = self.default_as_empty
+                else:
+                    value = DurationParser().parse(value).total_seconds() / self.base_seconds
+            value = float(value)
+        except ValueError:
+            self.raiseForValue(value)
+
+        if self.max is not None and value > self.max:
+            self.raiseForValue(value)
+        if self.min is not None and value < self.min:
+            self.raiseForValue(value)
+        return value
+
+    def formatForUi(self, value):
+        if self.default_as_empty is not None and value == self.default_as_empty:
+            return ""
+        else:
+            return DurationParser().format(timedelta(seconds=value * self.base_seconds))
diff --git a/hassio-google-drive-backup/backup/config/settings.py b/hassio-google-drive-backup/backup/config/settings.py
index bb4491f8..bf6e6f34 100644
--- a/hassio-google-drive-backup/backup/config/settings.py
+++ b/hassio-google-drive-backup/backup/config/settings.py
@@ -8,7 +8,7 @@
 from .regexvalidator import RegexValidator
 from .stringvalidator import StringValidator
 from .listvalidator import ListValidator
-from .durationassecondsvalidator import DurationAsSecondsValidator
+from .durationasstringvalidator import DurationAsStringValidator
 from ..logger import getLogger
 
 logger = getLogger(__name__)
@@ -21,6 +21,7 @@ class Setting(Enum):
     DAYS_BETWEEN_BACKUPS = "days_between_backups"
     IGNORE_OTHER_BACKUPS = "ignore_other_backups"
     IGNORE_UPGRADE_BACKUPS = "ignore_upgrade_backups"
+    DELETE_IGNORED_AFTER_DAYS = "delete_ignored_after_days"
     DELETE_BEFORE_NEW_BACKUP = "delete_before_new_backup"
     BACKUP_NAME = "backup_name"
     BACKUP_TIME_OF_DAY = "backup_time_of_day"
@@ -103,6 +104,7 @@ class Setting(Enum):
     DRIVE_HOST_NAME = "drive_host_name"
     DRIVE_REFRESH_URL = "drive_refresh_url"
     DRIVE_AUTHORIZE_URL = "drive_authorize_url"
+    DRIVE_DEVICE_CODE_URL = "drive_device_code_url"
     DRIVE_TOKEN_URL = "drive_token_url"
     SAVE_DRIVE_CREDS_PATH = "save_drive_creds_path"
     STOP_ADDON_STATE_PATH = "stop_addon_state_path"
@@ -155,6 +157,7 @@ def key(self):
     Setting.DAYS_BETWEEN_BACKUPS: 3,
     Setting.IGNORE_OTHER_BACKUPS: False,
     Setting.IGNORE_UPGRADE_BACKUPS: False,
+    Setting.DELETE_IGNORED_AFTER_DAYS: 0,
     Setting.DELETE_BEFORE_NEW_BACKUP: False,
     Setting.BACKUP_NAME: "{type} Backup {year}-{month}-{day} {hr24}:{min}:{sec}",
     Setting.BACKUP_TIME_OF_DAY: "",
@@ -235,6 +238,7 @@ def key(self):
     Setting.DRIVE_URL: "https://www.googleapis.com",
     Setting.DRIVE_REFRESH_URL: "https://www.googleapis.com/oauth2/v4/token",
     Setting.DRIVE_AUTHORIZE_URL: "https://accounts.google.com/o/oauth2/v2/auth",
+    Setting.DRIVE_DEVICE_CODE_URL: "https://oauth2.googleapis.com/device/code",
     Setting.DRIVE_TOKEN_URL: "https://oauth2.googleapis.com/token",
     Setting.DRIVE_HOST_NAME: "www.googleapis.com",
     Setting.SAVE_DRIVE_CREDS_PATH: "token",
@@ -282,6 +286,7 @@ def key(self):
     Setting.DAYS_BETWEEN_BACKUPS: "float(0,)?",
     Setting.IGNORE_OTHER_BACKUPS: "bool?",
     Setting.IGNORE_UPGRADE_BACKUPS: "bool?",
+    Setting.DELETE_IGNORED_AFTER_DAYS: "float(0,)?",
     Setting.DELETE_BEFORE_NEW_BACKUP: "bool?",
     Setting.BACKUP_NAME: "str?",
     Setting.BACKUP_TIME_OF_DAY: "match(^[0-2]\\d:[0-5]\\d$)?",
@@ -362,6 +367,7 @@ def key(self):
     Setting.DRIVE_URL: "url?",
     Setting.DRIVE_REFRESH_URL: "url?",
     Setting.DRIVE_AUTHORIZE_URL: "url?",
+    Setting.DRIVE_DEVICE_CODE_URL: "url?",
     Setting.DRIVE_TOKEN_URL: "url?",
     Setting.DRIVE_HOST_NAME: "str?",
     Setting.SAVE_DRIVE_CREDS_PATH: "str?",
@@ -465,7 +471,8 @@ def getValidator(name, schema):
 # for key in addon_config["schema"]:
 #     _VALIDATORS[_LOOKUP[key]] = getValidator(key, addon_config["schema"][key])
 
-_VALIDATORS[Setting.MAX_SYNC_INTERVAL_SECONDS] = DurationAsSecondsValidator("max_sync_interval_seconds", 1, None)
+_VALIDATORS[Setting.MAX_SYNC_INTERVAL_SECONDS] = DurationAsStringValidator("max_sync_interval_seconds", minimum=1, maximum=None)
+_VALIDATORS[Setting.DELETE_IGNORED_AFTER_DAYS] = DurationAsStringValidator("delete_ignored_after_days", minimum=0, maximum=None, base_seconds=60 * 60 * 24, default_as_empty=0)
 VERSION = addon_config["version"]
 
 
diff --git a/hassio-google-drive-backup/backup/const.py b/hassio-google-drive-backup/backup/const.py
index 15d4bf67..961be628 100644
--- a/hassio-google-drive-backup/backup/const.py
+++ b/hassio-google-drive-backup/backup/const.py
@@ -24,6 +24,7 @@
 ERROR_SUPERVISOR_UNEXPECTED = "supervisor_unexpected"
 ERROR_SUPERVISOR_TIMEOUT = "supervisor_timeout"
 ERROR_SUPERVISOR_FILE_SYSTEM = "supervisor_fs_error"
+ERROR_GOOGLE_CRED_PROCESS = "unable_to_make_creds"
 
 ERROR_EXISTING_FOLDER = "existing_backup_folder"
 ERROR_BACKUP_FOLDER_MISSING = "backup_folder_missing"
diff --git a/hassio-google-drive-backup/backup/debug/debug_server.py b/hassio-google-drive-backup/backup/debug/debug_server.py
index e5aa5a04..7e7b292b 100644
--- a/hassio-google-drive-backup/backup/debug/debug_server.py
+++ b/hassio-google-drive-backup/backup/debug/debug_server.py
@@ -1,6 +1,5 @@
 from backup.config import Config, Setting, Startable
 from backup.logger import getLogger
-import sys
 from injector import inject, singleton
 logger = getLogger(__name__)
 
@@ -13,10 +12,7 @@ def __init__(self, config: Config):
 
     async def start(self):
         if self._config.get(Setting.DEBUGGER_PORT) is not None:
-            if 'ptvsd' not in sys.modules:
-                logger.error("Unable to start the debugger server because the ptvsd library is not installed")
-            else:
-                import ptvsd
-                port = self._config.get(Setting.DEBUGGER_PORT)
-                logger.info("Starting debugger on port {}".format(port))
-                ptvsd.enable_attach(('0.0.0.0', port))
+            import debugpy
+            port = self._config.get(Setting.DEBUGGER_PORT)
+            logger.info("Starting debugger on port {}".format(port))
+            debugpy.listen(("0.0.0.0", port))
diff --git a/hassio-google-drive-backup/backup/drive/__init__.py b/hassio-google-drive-backup/backup/drive/__init__.py
index 1d64e6a6..36cd1a6f 100644
--- a/hassio-google-drive-backup/backup/drive/__init__.py
+++ b/hassio-google-drive-backup/backup/drive/__init__.py
@@ -1,4 +1,5 @@
 # flake8: noqa
 from .driverequests import DriveRequests, RETRY_SESSION_ATTEMPTS, UPLOAD_SESSION_EXPIRATION_DURATION, URL_START_UPLOAD
 from .drivesource import DriveSource, SOURCE_GOOGLE_DRIVE
-from .folderfinder import FolderFinder
\ No newline at end of file
+from .folderfinder import FolderFinder
+from .authcodequery import AuthCodeQuery
\ No newline at end of file
diff --git a/hassio-google-drive-backup/backup/drive/authcodequery.py b/hassio-google-drive-backup/backup/drive/authcodequery.py
new file mode 100644
index 00000000..715371a9
--- /dev/null
+++ b/hassio-google-drive-backup/backup/drive/authcodequery.py
@@ -0,0 +1,107 @@
+from datetime import datetime, timedelta
+
+from backup.config import Config, Setting
+from backup.time import Time
+from backup.exceptions import GoogleCredGenerateError, KnownError, LogicError, ensureKey
+from aiohttp import ClientSession
+from injector import inject
+from .driverequests import DriveRequester
+from backup.logger import getLogger
+from backup.creds import Creds
+import asyncio
+
+logger = getLogger(__name__)
+SCOPE = 'https://www.googleapis.com/auth/drive.file'
+
+
+class AuthCodeQuery:
+    @inject
+    def __init__(self, config: Config, session: ClientSession, time: Time, drive: DriveRequester):
+        self.session = session
+        self.config = config
+        self.drive = drive
+        self.time = time
+        self.client_id: str = None
+        self.client_secret: str = None
+        self.device_code: str = None
+        self.verification_url: str = None
+        self.user_code: str = None
+        self.check_interval: timedelta = timedelta(seconds=5)
+        self.expiration: datetime = time.now()
+        self.last_check = time.now()
+
+    async def requestCredentials(self, client_id: str, client_secret: str):
+        self.client_id = client_id
+        self.client_secret = client_secret
+        request_data = {
+            'client_id': self.client_id,
+            'scope': SCOPE
+        }
+        resp = await self.session.post(self.config.get(Setting.DRIVE_DEVICE_CODE_URL), data=request_data, timeout=30)
+        if resp.status != 200:
+            raise GoogleCredGenerateError(f"Google responded with error status HTTP {resp.status}.  Please verify your credentials are set up correctly.")
+        data = await resp.json()
+        self.device_code = str(ensureKey("device_code", data, "Google's authorization request"))
+        self.verification_url = str(ensureKey("verification_url", data, "Google's authorization request"))
+        self.user_code = str(ensureKey("user_code", data, "Google's authorization request"))
+        self.expiration = self.time.now() + timedelta(seconds=int(ensureKey("expires_in", data, "Google's authorization request")))
+        self.check_interval = timedelta(seconds=int(ensureKey("interval", data, "Google's authorization request")))
+
+    async def waitForPermission(self) -> Creds:
+        if not self.device_code:
+            raise LogicError("Please call requestCredentials() first")
+        error_count = 0
+        data = {
+            'client_id': self.client_id,
+            'client_secret': self.client_secret,
+            'device_code': self.device_code,
+            'grant_type': 'urn:ietf:params:oauth:grant-type:device_code'
+        }
+        while self.expiration > self.time.now():
+            start = self.time.now()
+            resp = None
+            try:
+                resp = await self.session.post(self.config.get(Setting.DRIVE_TOKEN_URL), data=data, timeout=self.check_interval.total_seconds())
+                try:
+                    reply = await resp.json()
+                except Exception:
+                    reply = {}
+                if resp.status == 403:
+                    if reply.get("error", "") == "slow_down":
+                        # google wants us to chill out, so do that
+                        await asyncio.sleep(self.check_interval.total_seconds())
+                    else:
+                        # Google says no
+                        logger.error(f"Getting credentials from Google failed with HTTP 403 and error: {reply.get('error', 'unspecified')}")
+                        raise GoogleCredGenerateError("Google refused the request to connect your account, either because you rejected it or they were set up incorrectly.")
+                elif resp.status == 428:
+                    # Google says PEBKAC
+                    logger.info(f"Waiting for you to authenticate with Google at {self.verification_url}")
+                elif resp.status / 100 != 2:
+                    # Mysterious error
+                    logger.error(f"Getting credentials from Google failed with HTTP {resp.status} and error: {reply.get('error', 'unspecified')}")
+                    raise GoogleCredGenerateError("Failed unexpectedly while trying to reach Google.  See the add-on logs for details.")
+                else:
+                    # got the token, return it
+                    return Creds.load(self.time, reply, id=self.client_id, secret=self.client_secret)
+            except KnownError:
+                raise
+            except Exception as e:
+                logger.error("Error while trying to retrieve credentials from Google")
+                logger.printException(e)
+
+                # Allowing 10 errors is arbitrary, but prevents us from just erroring out forever in the background
+                error_count += 1
+                if error_count > 10:
+                    raise GoogleCredGenerateError("Failed unexpectedly too many times while attempting to reach Google.  See the logs for details.")
+            finally:
+                if resp is not None:
+                    resp.release()
+
+            # Make sure we never query more than google says we should
+            remainder = self.check_interval - (self.time.now() - start)
+            if remainder > timedelta(seconds=0):
+                await asyncio.sleep(remainder.total_seconds())
+
+        logger.error("Getting credentials from Google expired, please try again")
+        raise GoogleCredGenerateError("Credentials expired while waiting for you to authorize with Google")
diff --git a/hassio-google-drive-backup/backup/drive/driverequests.py b/hassio-google-drive-backup/backup/drive/driverequests.py
index 2a08429d..13e64b9c 100644
--- a/hassio-google-drive-backup/backup/drive/driverequests.py
+++ b/hassio-google-drive-backup/backup/drive/driverequests.py
@@ -36,7 +36,6 @@
 URL_FILES = "/drive/v3/files/"
 URL_ABOUT = "/drive/v3/about"
 URL_START_UPLOAD = "/upload/drive/v3/files/?uploadType=resumable&supportsAllDrives=true"
-URL_AUTH = "/oauth2/v4/token"
 PAGE_SIZE = 100
 CHUNK_SIZE = 5 * 262144
 RANGE_RE = re.compile("^bytes=0-\\d+$")
diff --git a/hassio-google-drive-backup/backup/exceptions/__init__.py b/hassio-google-drive-backup/backup/exceptions/__init__.py
index 3eb7c765..731c24c8 100644
--- a/hassio-google-drive-backup/backup/exceptions/__init__.py
+++ b/hassio-google-drive-backup/backup/exceptions/__init__.py
@@ -1,2 +1,2 @@
 # flake8: noqa
-from .exceptions import SupervisorUnexpectedError, SupervisorTimeoutError, GoogleUnexpectedError, SupervisorFileSystemError, SupervisorPermissionError, LogInToGoogleDriveError, KnownTransient, GoogleInternalError, GoogleRateLimitError, CredRefreshGoogleError, CredRefreshMyError, BackupFolderInaccessible, BackupFolderMissingError, DeleteMutlipleBackupsError, DriveQuotaExceeded, ensureKey, ExistingBackupFolderError, UserCancelledError, UploadFailed, SupervisorConnectionError, BackupPasswordKeyInvalid, BackupInProgress, SimulatedError, ProtocolError, PleaseWait, NotUploadable, NoBackup, LowSpaceError, LogicError, KnownError, InvalidConfigurationValue, HomeAssistantDeleteError, GoogleTimeoutError, GoogleSessionError, GoogleInternalError, GoogleDrivePermissionDenied, GoogleDnsFailure, GoogleCredentialsExpired, GoogleCantConnect, ExistingBackupFolderError
+from .exceptions import GoogleCredGenerateError, SupervisorUnexpectedError, SupervisorTimeoutError, GoogleUnexpectedError, SupervisorFileSystemError, SupervisorPermissionError, LogInToGoogleDriveError, KnownTransient, GoogleInternalError, GoogleRateLimitError, CredRefreshGoogleError, CredRefreshMyError, BackupFolderInaccessible, BackupFolderMissingError, DeleteMutlipleBackupsError, DriveQuotaExceeded, ensureKey, ExistingBackupFolderError, UserCancelledError, UploadFailed, SupervisorConnectionError, BackupPasswordKeyInvalid, BackupInProgress, SimulatedError, ProtocolError, PleaseWait, NotUploadable, NoBackup, LowSpaceError, LogicError, KnownError, InvalidConfigurationValue, HomeAssistantDeleteError, GoogleTimeoutError, GoogleSessionError, GoogleInternalError, GoogleDrivePermissionDenied, GoogleDnsFailure, GoogleCredentialsExpired, GoogleCantConnect, ExistingBackupFolderError
diff --git a/hassio-google-drive-backup/backup/exceptions/exceptions.py b/hassio-google-drive-backup/backup/exceptions/exceptions.py
index 66fb0165..4f5e036c 100644
--- a/hassio-google-drive-backup/backup/exceptions/exceptions.py
+++ b/hassio-google-drive-backup/backup/exceptions/exceptions.py
@@ -3,7 +3,7 @@
 from ..const import (DRIVE_FOLDER_URL_FORMAT, ERROR_BACKUP_FOLDER_INACCESSIBLE,
                      ERROR_BACKUP_FOLDER_MISSING, ERROR_BAD_PASSWORD_KEY,
                      ERROR_CREDS_EXPIRED, ERROR_DRIVE_FULL,
-                     ERROR_EXISTING_FOLDER, ERROR_GOOGLE_CONNECT,
+                     ERROR_EXISTING_FOLDER, ERROR_GOOGLE_CONNECT, ERROR_GOOGLE_CRED_PROCESS,
                      ERROR_GOOGLE_DNS, ERROR_GOOGLE_INTERNAL,
                      ERROR_GOOGLE_SESSION, ERROR_GOOGLE_TIMEOUT,
                      ERROR_HA_DELETE_ERROR, ERROR_INVALID_CONFIG, ERROR_LOGIC,
@@ -433,3 +433,14 @@ def message(self):
 
     def code(self):
         return ERROR_SUPERVISOR_FILE_SYSTEM
+
+
+class GoogleCredGenerateError(KnownError):
+    def __init__(self, message):
+        self._msg = message
+
+    def message(self):
+        return self._msg
+
+    def code(self):
+        return ERROR_GOOGLE_CRED_PROCESS
diff --git a/hassio-google-drive-backup/backup/model/model.py b/hassio-google-drive-backup/backup/model/model.py
index f146d617..7917f8dc 100644
--- a/hassio-google-drive-backup/backup/model/model.py
+++ b/hassio-google-drive-backup/backup/model/model.py
@@ -175,6 +175,16 @@ async def sync(self, now: datetime):
             if self.dest.enabled():
                 await self._purge(self.dest)
 
+        # Delete any "ignored" backups that have expired
+        if (self.config.get(Setting.IGNORE_OTHER_BACKUPS) or self.config.get(Setting.IGNORE_UPGRADE_BACKUPS)) and self.config.get(Setting.DELETE_IGNORED_AFTER_DAYS) > 0:
+            cutoff = now - timedelta(days=self.config.get(Setting.DELETE_IGNORED_AFTER_DAYS))
+            delete = []
+            for backup in self.backups.values():
+                if backup.ignore() and backup.date() < cutoff:
+                    delete.append(backup)
+            for backup in delete:
+                await self.deleteBackup(backup, self.source)
+
         self._handleBackupDetails()
         next_backup = self.nextBackup(now)
         if next_backup and now >= next_backup and self.source.enabled() and not self.dest.needsConfiguration():
diff --git a/hassio-google-drive-backup/backup/static/authorize.jinja2 b/hassio-google-drive-backup/backup/static/authorize.jinja2
index 8dd26450..e3bc0ae2 100644
--- a/hassio-google-drive-backup/backup/static/authorize.jinja2
+++ b/hassio-google-drive-backup/backup/static/authorize.jinja2
@@ -34,7 +34,7 @@
               <div class="center">
                 You've authorized the addon to connect with Google Drive and created the authorization string shown below.  Most of the time
                 you can just click "Send Credentials" below to have them sent back to the addon, but depending on circumstances beyond the 
-                addon's control that might just return an error.  If that happens, instead just copy the authroization string below 
+                addon's control that might just return an error.  If that happens, instead just copy the authorization string below 
                 and paste it into the addon where you clicked the "Authenticate With Google Drive" button that brought you here.
               </div>
               <br>
@@ -70,4 +70,4 @@
     </div>
   </div>
 </main>
-{% endblock %}
\ No newline at end of file
+{% endblock %}
diff --git a/hassio-google-drive-backup/backup/static/css/static.css b/hassio-google-drive-backup/backup/static/css/static.css
index d844e4a4..53a77cf5 100644
--- a/hassio-google-drive-backup/backup/static/css/static.css
+++ b/hassio-google-drive-backup/backup/static/css/static.css
@@ -523,4 +523,19 @@ input:not([type]):focus:not([readonly]), input[type="text"]:not(.browser-default
 .toast .toast-action:hover {
   color: var(--accent-hover-color);
   background-color: var(--accent-bg-hover-color);
+}
+
+.device-code-box {
+  font-size: 2em;
+  width: auto;
+  border-color: var(--accent-text-color);
+  color: var(--accent-text-color);
+  background: var(--accent-color);
+  border-radius: 6px;
+  padding: 6px;
+  margin: 6px;
+}
+
+.device-code-box:hover {
+  background-color: var(--accent-bg-hover-color);
 }
\ No newline at end of file
diff --git a/hassio-google-drive-backup/backup/static/index.jinja2 b/hassio-google-drive-backup/backup/static/index.jinja2
index 33759725..61a5bdd3 100644
--- a/hassio-google-drive-backup/backup/static/index.jinja2
+++ b/hassio-google-drive-backup/backup/static/index.jinja2
@@ -21,123 +21,126 @@
         </div>
         <div>
 
-        </div>
-        <div class="row center">
-          <div class="col m12 l6 offset-l3">
-            <h6 id="what_do_next_now_please" style="display: none;" class="header light">
-              <span id="what_do_next_now_please_text"></span>
-              Change your <a href="#!" onclick="loadSettings()"><i class="material-icons"
-                  style="display: inline; margin-right: 2px; vertical-align: middle; font-size: 15px">settings</i>settings</a>
-              to alter the add-on's behavior if that isn't what you want.
-            </h6>
-          </div>
         </div>
         <div class="row center">
           <div id="option1" class="col m12 l6 offset-l3 center center-align">
-            <a target="_blank" id="authenticate-button" style="margin: 10px"
-              class="btn-large btn-flat btn-high-vis">
-              Authenticate with Google Drive
-            </a>
-            <div class="row center">
-              <div class="col s12">
-                <ul>
-                  <li>
-                    <h6 class="header col s12 light">
-                      Clicking this link authenticates you with an external domain (<a
-                        href="https://habackup.io">habackup.io</a>). To learn why
-                      this is necessary, check out the details <a
-                        href="https://github.com/sabeechen/hassio-google-drive-backup/blob/master/hassio-google-drive-backup/AUTHENTICATION.md" target="_blank" rel="noreferrer">here</a>.
-                      By doing this, you agree to our <a href="pp">Privacy Policy</a> and <a href="tos">Terms of
-                        Service</a></h6>
-                  </li>
-                  <li>
-                    <h6 class="header col s12 light">*Note: this will <i>only</i> have access to the files and folders
-                      it
-                      creates.
-                      The Add-on can't see any of the other files you've added to Google Drive.</h6>
-                  </li>
-                </ul>
+            <div id="option1-step1">
+              <div class="row center">
+                <div class="col s12">
+                  <h6 id="what_do_next_now_please" style="display: none;" class="header light">
+                    <span id="what_do_next_now_please_text"></span>
+                    Change your <a href="#!" onclick="loadSettings()"><i class="material-icons"
+                        style="display: inline; margin-right: 2px; vertical-align: middle; font-size: 15px">settings</i>settings</a>
+                    to alter the add-on's behavior if that isn't what you want.
+                  </h6>
+                </div>
               </div>
-            </div>
-            <div class="row center">
-              <div class="col s12">
-                
-                You might be asked to copy an authorization code from the link above.  If you do, paste it here:
-                <textarea id="google_credentials_box" style="height: 5rem;"></textarea>
-                <br>
-                <div class="left" style="display: none;" id="save_cred_message">
-                  <div class="cls-spinner left" id="save_cred_working">
-                    <div class="cls-signal"></div>
+              <a target="_blank" id="authenticate-button" style="margin: 10px"
+                class="btn-large btn-flat btn-high-vis">
+                Authenticate with Google Drive
+              </a>
+              <div class="row center">
+                <div class="col s12">
+                  <ul class="browser-default" style="text-align: left;">
+                    <li>
+                        Clicking this link authenticates you with an external domain (<a
+                          href="https://habackup.io">habackup.io</a>). 
+                    </li>
+                    <li>You can <a href="https://github.com/sabeechen/hassio-google-drive-backup/blob/master/hassio-google-drive-backup/AUTHENTICATION.md" target="_blank" rel="noreferrer">read this</a> to understand what this means and why its necessary.
+                    </li>
+                    <li>
+                      By doing this you must agree to the <a href="pp">Privacy Policy</a> and <a href="tos">Terms of Service</a></h6>
+                    </li>
+                    <li>
+                      The addon will only have access to the files and folders it creates. It can't see any of the other files you've added to Google Drive.</h6>
+                    </li>
+                    <li>To generate your own private credentials with Google instead that doesn't use a third-party domain, <a href="#" onclick="$('#option2').show();$('#option1').hide();">click here</a>.  Fair warning: that way is much more complicated.</li>
+                  </ul>
+                </div>
+              </div>
+              <div class="row center">
+                <div class="col s12">
+                  
+                  After you get the authorization code from the link above, paste the result here:
+                  <br/>
+                  <textarea id="google_credentials_box" style="height: 5rem;"></textarea>
+                  <br>
+                  <div class="left" style="display: none;" id="save_cred_message">
+                    <div class="cls-spinner left" id="save_cred_working">
+                      <div class="cls-signal"></div>
+                    </div>
+                    <div class="left center" style="display: flex;align-items: center;height: 52px;" id="save_cred_message"></div>
                   </div>
-                  <div class="left center" style="display: flex;align-items: center;height: 52px;" id="save_cred_message"></div>
+                  
+                  <a target="_blank" class="right btn-large btn-flat btn-high-vis disabled"
+                        id="send_creds_button" onclick="send_creds($('#google_credentials_box').val())">Save</a>
                 </div>
-                
-                <a target="_blank" class="right btn-large btn-flat btn-high-vis disabled"
-                      id="send_creds_button" onclick="send_creds($('#google_credentials_box').val())">Save</a>
               </div>
             </div>
-            <br />
-            Having trouble with this or looking to generate your own credentials without going through an external
-            domain?
-            <a href="#" onclick="$('#option2').show();$('#option1').hide();">Click here.</a>
-
           </div>
           <div id="option2" class="col s12 m6 offset-m3 default-hidden">
-            Follow the <a target="_blank" rel="noreferrer"
-              href="https://github.com/sabeechen/hassio-google-drive-backup/blob/master/LOCAL_AUTH.md">instructions
-              here</a> to get your own client ID and client secret from Google. This is a much more complicated and time
-            consuming approach, but doesn't require you to authenticate yourself with an external domain.
-            <br />
-            <a href="#" onclick="$('#option2').hide();$('#option1').show();">&lt; Go back to the easier way</a>
-            <div class="row">
-              <form class="col s10" action="manualauth" method="get">
-                <div class="row">
-                  <div class="input-field col s12">
-                    <i class="material-icons prefix">vpn_key</i>
-                    <input id="client_id" name="client_id" type="text" class="validate" />
-                    <label for="client_id">Client ID</label>
+            <div id="option2-step1">
+              Follow the <a target="_blank" rel="noreferrer"
+                href="https://github.com/sabeechen/hassio-google-drive-backup/blob/master/LOCAL_AUTH.md">instructions
+                here</a> to get your own client ID and client secret from Google's Cloud Console. This is a much more complicated and time
+              consuming approach, but doesn't require you to authenticate yourself with an external domain. 
+              <div class="row">
+                <form class="col s10" action="manualauth" method="get">
+                  <div class="row">
+                    <div class="input-field col s12">
+                      <i class="material-icons prefix">vpn_key</i>
+                      <input id="client_id" name="client_id" type="text" class="validate" />
+                      <label for="client_id">Client ID</label>
+                    </div>
                   </div>
-                </div>
+                  <div class="row">
+                    <div class="input-field col s12">
+                      <i class="material-icons prefix">vpn_key</i>
+                      <input id="client_secret" name="client_secret" type="text" class="validate" />
+                      <label for="client_secret">Client Secret</label>
+                    </div>
+                  </div>
+                  <div class=row>
+                    <div class="input-field col s12">
+                      <a target="_blank" class="right btn-large btn-flat btn-high-vis disabled right-align" style="position: absolute; right: 0px;"
+                        id="secret_button" onclick="getAuthUrl()">Next</a>
+                      <a target="_blank" class="right btn-large btn-flat btn-high-vis left-align" style="position: absolute; left: 30px;"
+                        id="secret_button" onclick="backOption2Step1()"><i class="material-icons">arrow_back</i>back</a>
+                    </div>
+                  </div>
+                </form>
+              </div>
+            </div>
+            <div class="row" style="display: none" id="option2-step2">
+              <div class="col s12">
                 <div class="row">
-                  <div class="input-field col s12">
-                    <i class="material-icons prefix">vpn_key</i>
-                    <input id="client_secret" name="client_secret" type="text" class="validate" />
-                    <label for="client_secret">Client Secret</label>
+                  <div class="col s12">
+                    Please navigate to <a id="custom-auth-link" target="_blank" rel="noreferrer"></a> and enter the code shown below to authorize the addon using your Google account.  This page will automatically update once you do so.
                   </div>
                 </div>
-                <div class=row>
-                  <div class="input-field col s12">
-                    <a target="_blank" class="right btn-large btn-flat btn-high-vis disabled"
-                      id="secret_button" onclick="getAuthUrl()">Connect</a>
+                <div class="row">
+                  <div class="col s12">
+                    <span id="code-box" class="device-code-box"></span>
                   </div>
                 </div>
-              </form>
-              <div class=row>
-                <div class="col s12" id="help_text" style="display: none">
-                  <p>
-                    Click "Connect" once you have a client ID and client secret. This will redirect you to Google's
-                    authentications servers where you you will be given an authentication code that you can enter below
-                    to finish authorization.
-                  </p>
-                </div>
-              </div>
-              <div class="row" style="display: none" id="code_form">
-                <div class="col s12">
-                  <form class="col s10" action="manualauth" method="get">
-                    <div class="row">
-                      <div class="input-field col s12">
-                        <i class="material-icons prefix">vpn_key</i>
-                        <input id="code" name="code" type="text" class="validate disabled">
-                        <label for="code">Code from Google</label>
-                      </div>
+                <div class="row">
+                  <div class="col s12">
+                    <div>
+                      Expires: <span id="device-code-valid-time-left"></span>
                     </div>
-                    <div class=row>
-                      <div class="col s12">
-                        <a target="_blank" class="right btn-large btn-flat btn-high-vis disabled"
-                          id="manualauthbutton" onClick="submitCode()">Authorize</a>
-                      </div>
+                    <div id="device-code-loading" class="progress">
+                      <div class="indeterminate"></div>
                     </div>
-                  </form>
+                    <div id="device-code-status-text">
+                      Loading...
+                    </div>
+                  </div>
+                </div>
+                <div class="row">
+                  <div class="col s12">
+                    <a target="_blank" class="right btn-large btn-flat btn-high-vis left-align"
+                        id="secret_button" onclick="backOption2Step2()">Back</a>
+                  </div>
                 </div>
               </div>
             </div>
@@ -151,6 +154,15 @@
 
 {% block scripts %}
   <script type="text/javascript">
+    function backOption2Step1() {
+      $('#option2').hide();
+      $('#option1').show();
+    }
+    function backOption2Step2() {
+      $("#option2-step1").show();
+      $("#option2-step2").hide();
+    }
+
     function submitCode() {
       var code = $("#code").val();
       if (!code || code.length == 0) {
@@ -301,29 +313,64 @@
       reloadForNewCreds();
     });
 
-    function getAuthUrl() {
+    function sleep(ms) {
+      return new Promise(resolve => setTimeout(resolve, ms));
+   }
+
+    async function getAuthUrl() {
       var client_id = $("#client_id").val();
       var client_secret = $("#client_secret").val();
       if (!(client_id && client_id.length > 0 && client_secret && client_secret.length > 0)) {
-        M.toast({ html: "Please enter a Client Id and Client Secret first" })
+        M.toast({ html: "Please enter a Client ID and Client Secret first" })
       }
-      var url = "manualauth?client_id=" + client_id + "&client_secret=" + client_secret;
-      console.log("Requesting auth url from " + url);
-      $.get(url,
-        function (data) {
-          M.toast({ html: "Requesting authorization URL..." })
-          if (data.hasOwnProperty("auth_url")) {
-            console.log("Opening window to " + data.auth_url)
-            window.open(data.auth_url);
-            $("#code").removeClass("disabled")
-            $("#manualauthbutton").removeClass("disabled")
-          } else if (data.hasOwnProperty("error")) {
-            M.toast({ html: data.error })
+      let toast = M.toast({ html: "Talking with Google..."})
+      url = URI("manualauth").query({
+        'client_id': client_id,
+        'client_secret': client_secret});
+      try {
+        const resp = await fetch(url.toString());
+        const data = await resp.json();
+        if (resp.ok) {
+          $("#custom-auth-link").attr("href", data.auth_url);
+          $("#custom-auth-link").html(data.auth_url);
+          $("#code-box").html(data.code);
+          $("#code-hidden").val(data.code);
+          $("#option2-step2").show();
+          $("#option2-step1").hide();
+        } else {
+          toast.dismiss();
+          M.toast({ html: data.message })
+          return;
+        }
+      } catch (e) {
+        toast.dismiss();
+        M.toast({ html: "Encountered and unexpected error.  Please make sure the add-on is still running."})
+        return;
+      }
+      toast.dismiss();
 
-            $("#code").addClass("disabled")
-            $("#manualauthbutton").addClass("disabled")
+      // Continually check for status
+      let status = $("#device-code-status-text");
+      let progress = $("#device-code-loading");
+      progress.show();
+      while(true) {
+        try {
+          const resp = await fetch(URI("checkManualAuth").toString());
+          const data = await resp.json();
+          status.html(data.message);
+          if(resp.ok) {
+            $("#device-code-valid-time-left").html(data.expires)
+            await sleep(1000);
+          } else {
+            progress.hide();
+            break;
           }
-        }, "json")
+        } catch (e) {
+          progress.hode();
+          status.html("Unexpected error: " + e);
+          break;
+        }
+      }
     }
 
   </script>
diff --git a/hassio-google-drive-backup/backup/static/js/settings.js b/hassio-google-drive-backup/backup/static/js/settings.js
index 01299719..369d4c9b 100644
--- a/hassio-google-drive-backup/backup/static/js/settings.js
+++ b/hassio-google-drive-backup/backup/static/js/settings.js
@@ -228,6 +228,7 @@ function handleSettingsDialog(data) {
   showPallette($("#accent_color"));
 
   toggleSlide(document.querySelector('#stop_addons'), 'settings_stop_addons_details');
+  updateIgnoredBackupOptions();
   M.updateTextFields();
 }
 
@@ -240,6 +241,14 @@ function chooseFolderChanged() {
   M.updateTextFields();
 }
 
+function updateIgnoredBackupOptions() {
+  if ($("#ignore_upgrade_backups").prop('checked') || $("#ignore_other_backups").prop('checked')) {
+    $("#ignored-backup-duration-block").fadeIn();
+  } else {
+    $("#ignored-backup-duration-block").fadeOut();
+  }
+}
+
 function saveSettings() {
   if (!document.getElementById('settings_form').checkValidity()) {
     showSettingError({message: "Some configuration is invalid, check for red errors up above."})
diff --git a/hassio-google-drive-backup/backup/static/layouts/partials/modals/settings.jinja2 b/hassio-google-drive-backup/backup/static/layouts/partials/modals/settings.jinja2
index 9b5de520..71c48ee6 100644
--- a/hassio-google-drive-backup/backup/static/layouts/partials/modals/settings.jinja2
+++ b/hassio-google-drive-backup/backup/static/layouts/partials/modals/settings.jinja2
@@ -57,7 +57,7 @@
           <div class="col s12">
             <label>
               <input type="checkbox" name="ignore_other_backups" id="ignore_other_backups"
-                class="filled-in checkbox-ha" />
+                class="filled-in checkbox-ha" onchange="updateIgnoredBackupOptions()"/>
               <span>Ignore Other Backups</span>
               <br />
               <span class="helper-text">The addon will ignore any backups it didn't create.  
@@ -70,7 +70,7 @@
           <div class="col s12">
             <label>
               <input type="checkbox" name="ignore_upgrade_backups" id="ignore_upgrade_backups"
-                class="filled-in checkbox-ha" />
+                class="filled-in checkbox-ha" onchange="updateIgnoredBackupOptions()"/>
               <span>Ignore "Upgrade" Backups</span>
               <br />
               <span class="helper-text">The addon will ignore backups with only one addon or folder inside them.
@@ -80,6 +80,22 @@
             </label>
           </div>
         </div>
+        <div class="col s11 offset-s1 row" id="ignored-backup-duration-block">
+          <div class="input-field col s11offset-s1">
+            <i class="material-icons prefix">delete_sweep</i>
+            <input type="text" id="delete_ignored_after_days" name="delete_ignored_after_days"
+              pattern="^([ ]*([0-9]*[.])?[0-9]+[ ]*(seconds|second|secs|sec|s|minutes|minute|mins|min|m|hours|hour|hr|h|days|day|d)?[ ,]*)*$"
+              class="validate" />
+            <label for="delete_ignored_after_days">Delete ignored snapshots after</label>
+            <span class="helper-text">
+              For any ignored snapshots, automatically delete them after this much time.  
+              Leave blank (the default) to never delete them. This can be any duration of
+              time expressed as days, hours, minutes, and seconds.  Be careful enabling this, 
+              you can see if you have any ignored backups by scrolling to the bottom of the
+              list of backups under this dialog. Examples:
+              '7 days', '36 hours', '1 hour, 30 minutes, 10 seconds', etc.</span>
+          </div>
+        </div>
         <div class="row">
           <div class="input-field col m6 s12">
             <i class="material-icons prefix">date_range</i>
diff --git a/hassio-google-drive-backup/backup/ui/uiserver.py b/hassio-google-drive-backup/backup/ui/uiserver.py
index 5d25bbba..37a56366 100644
--- a/hassio-google-drive-backup/backup/ui/uiserver.py
+++ b/hassio-google-drive-backup/backup/ui/uiserver.py
@@ -9,22 +9,22 @@
 from typing import Any, Dict
 
 from aiohttp import BasicAuth, hdrs, web, ClientSession, ClientResponseError
-from aiohttp.web import HTTPBadRequest, HTTPException, Request, HTTPSeeOther, HTTPNotFound
-from injector import ClassAssistedBuilder, inject, singleton
+from aiohttp.web import HTTPException, Request, HTTPSeeOther, HTTPNotFound
+from injector import ClassAssistedBuilder, ProviderOf, inject, singleton
 
 from backup.config import Config, Setting, CreateOptions, BoolValidator, Startable, Version, VERSION
 from backup.const import SOURCE_GOOGLE_DRIVE, SOURCE_HA, GITHUB_BUG_TEMPLATE
 from backup.model import Coordinator, Backup, AbstractBackup
-from backup.exceptions import KnownError, ensureKey
+from backup.exceptions import KnownError, GoogleCredGenerateError, ensureKey
 from backup.util import GlobalInfo, Estimator, File, DataCache, UpgradeFlags
 from backup.ha import HaSource, PendingBackup, BACKUP_NAME_KEYS, HaRequests, HaUpdater
 from backup.ha import Password
 from backup.time import Time
 from backup.worker import Trigger
 from backup.logger import getLogger, getHistory, TraceLogger
-from backup.creds import Exchanger, MANUAL_CODE_REDIRECT_URI, Creds
+from backup.creds import Exchanger, Creds
 from backup.debugworker import DebugWorker
-from backup.drive import FolderFinder
+from backup.drive import FolderFinder, AuthCodeQuery
 from backup.const import FOLDERS
 from .debug import Debug
 from yarl import URL
@@ -46,13 +46,14 @@ def __init__(self, debug: Debug, coord: Coordinator, ha_source: HaSource, harequ
                  time: Time, config: Config, global_info: GlobalInfo, estimator: Estimator,
                  session: ClientSession, exchanger_builder: ClassAssistedBuilder[Exchanger],
                  debug_worker: DebugWorker, folder_finder: FolderFinder, data_cache: DataCache,
-                 haupdater: HaUpdater):
+                 haupdater: HaUpdater, custom_auth_provider: ProviderOf[AuthCodeQuery]):
         super().__init__()
         # Currently running server tasks
         self.runners = []
         self.exchanger_builder = exchanger_builder
         self._coord = coord
         self._time = time
+        self.custom_auth_provider = custom_auth_provider
         self.manual_exchanger: Exchanger = None
         self.config: Config = config
         self.auth_cache: Dict[str, Any] = {}
@@ -72,6 +73,10 @@ def __init__(self, debug: Debug, coord: Coordinator, ha_source: HaSource, harequ
         self.ignore_other_turned_on = False
         self._data_cache = data_cache
         self._haupdater = haupdater
+        self._check_creds_loop: asyncio.Task = None
+        self._check_creds_error: Exception = None
+        self._device_code_authorizer: AuthCodeQuery = None
+        self._upload_event = asyncio.Event()
 
     def name(self):
         return "UI Server"
@@ -225,34 +230,49 @@ def formatAddons(self, backup_data):
             })
         return addons
 
+    async def manualCredCheckLoop(self, auth: AuthCodeQuery):
+        try:
+            creds = await auth.waitForPermission()
+            self._coord.saveCreds(creds)
+        except asyncio.CancelledError:
+            # Cancelled, thats fine
+            pass
+        except Exception as e:
+            self._check_creds_error = e
+
+    async def checkManualAuth(self, request: Request):
+        if self._check_creds_error is not None:
+            raise self._check_creds_error
+        elif self._device_code_authorizer is not None:
+            return web.json_response({
+                'message': "Waiting for you to authorize the add-on.",
+                'auth_url': self._device_code_authorizer.verification_url,
+                'code': self._device_code_authorizer.user_code,
+                'expires': self._time.formatDelta(self._device_code_authorizer.expiration)
+            })
+        else:
+            return web.json_response({
+                'message': "No request for authorization is in progress."
+            })
+
     async def manualauth(self, request: Request) -> None:
         client_id = request.query.get("client_id", "")
-        code = request.query.get("code", "")
         client_secret = request.query.get("client_secret", "")
-        if client_id != "" and client_secret != "":
-            try:
-                # Redirect to the webpage that takes you to the google auth page.
-                self.manual_exchanger = self.exchanger_builder.build(
-                    client_id=client_id.strip(),
-                    client_secret=client_secret.strip(),
-                    redirect=MANUAL_CODE_REDIRECT_URI)
-                return web.json_response({
-                    'auth_url': await self.manual_exchanger.getAuthorizationUrl()
-                })
-            except Exception as e:
-                return web.json_response({
-                    'error': "Couldn't create authorization URL, Google said:" + str(e)
-                })
-        elif code != "":
-            try:
-                self._coord.saveCreds(await self.manual_exchanger.exchange(code))
-                self._global_info.setIngoreErrorsForNow(True)
-                return web.json_response({'auth_url': "index?fresh=true"})
-            except KnownError as e:
-                return web.json_response({'error': e.message()})
-            except Exception as e:
-                return web.json_response({'error': "Couldn't authorize with Google Drive, Google said:" + str(e)})
-        raise HTTPBadRequest()
+        if client_id == "" or client_secret == "":
+            raise GoogleCredGenerateError("Invalid information provided")
+
+        if self._check_creds_loop is not None and not self._check_creds_loop.done():
+            self._check_creds_loop.cancel()
+            await self._check_creds_loop
+        self._device_code_authorizer = self.custom_auth_provider.get()
+        await self._device_code_authorizer.requestCredentials(client_id, client_secret)
+        self._check_creds_error = None
+        self._check_creds_loop = asyncio.create_task(self.manualCredCheckLoop(self._device_code_authorizer))
+        return web.json_response({
+            'auth_url': self._device_code_authorizer.verification_url,
+            'code': self._device_code_authorizer.user_code,
+            'expires': self._time.formatDelta(self._device_code_authorizer.expiration),
+        })
 
     async def backup(self, request: Request) -> Any:
         custom_name = request.query.get("custom_name", None)
@@ -526,10 +546,17 @@ async def _updateConfiguration(self, new_config, backup_folder_id=None, trigger=
             'reload_page': self.config.get(Setting.ENABLE_DRIVE_UPLOAD) != old_drive_option
         }
 
+    async def waitForUpload(self):
+        await self._upload_event.wait()
+
+    async def _doUpload(self, slug):
+        await self._coord.uploadBackups(slug)
+        self._upload_event.set()
+
     async def upload(self, request: Request):
         slug = request.query.get("slug", "")
-        await self._coord.uploadBackups(slug)
-        return web.json_response({'message': "Backup uploaded to Home Assistant"})
+        asyncio.create_task(self._doUpload(slug))
+        return web.json_response({'message': "Uploading backup in the background"})
 
     async def redirect(self, request, url):
         context = {
@@ -655,6 +682,7 @@ def _addRoutes(self, app):
         self._addRoute(app, self.callbackupsnapshot)
         self._addRoute(app, self.ignore)
         self._addRoute(app, self.ackignorecheck)
+        self._addRoute(app, self.checkManualAuth)
 
     def _addRoute(self, app, method):
         app.add_routes([
diff --git a/hassio-google-drive-backup/config.json b/hassio-google-drive-backup/config.json
index 27a191ae..8fd11328 100644
--- a/hassio-google-drive-backup/config.json
+++ b/hassio-google-drive-backup/config.json
@@ -1,6 +1,6 @@
 {
   "name": "Home Assistant Google Drive Backup",
-  "version": "0.105.2",
+  "version": "0.106.1",
   "slug": "hassio_google_drive_backup",
   "description": "Automatically manage backups between Home Assistant and Google Drive",
   "arch": ["armhf", "armv7", "aarch64", "amd64", "i386"],
diff --git a/hassio-google-drive-backup/dev/data/dev_options.json b/hassio-google-drive-backup/dev/data/dev_options.json
index ca779cfe..93fd1328 100644
--- a/hassio-google-drive-backup/dev/data/dev_options.json
+++ b/hassio-google-drive-backup/dev/data/dev_options.json
@@ -16,6 +16,7 @@
     "token_server_hosts": "http://localhost:56153",
     "drive_refresh_url": "http://localhost:56153/oauth2/v4/token",
     "drive_authorize_url": "http://localhost:56153/o/oauth2/v2/auth",
+    "drive_device_code_url": "http://localhost:56153/device/code",
     "drive_token_url": "http://localhost:56153/token",
     "ingress_token_file_path": "hassio-google-drive-backup/dev/data/ingress.dat",
     "log_level": "TRACE",
diff --git a/hassio-google-drive-backup/dev/request_interceptor.py b/hassio-google-drive-backup/dev/request_interceptor.py
index 37143ef5..0d24da11 100644
--- a/hassio-google-drive-backup/dev/request_interceptor.py
+++ b/hassio-google-drive-backup/dev/request_interceptor.py
@@ -19,6 +19,11 @@ def __init__(self, url, fail_after=None, status=None, response=None, wait=False,
         self.sleep = sleep
         self.response = response
         self.fail_for = fail_for
+        self.responses = []
+        self._calls = 0
+
+    def addResponse(self, response):
+        self.responses.append(response)
 
     def isMatch(self, request):
         return re.match(self.url, request.url.path)
@@ -29,7 +34,13 @@ async def waitForCall(self):
     def clear(self):
         self.wait_event.set()
 
+    def callCount(self):
+        return self._calls
+
     async def _doAction(self, request: Request):
+        self._calls += 1
+        if len(self.responses) > 0:
+            return self.responses.pop(0)
         if self.status is not None:
             await self._readAll(request)
             if self.response:
@@ -72,9 +83,10 @@ def __init__(self):
         self._matchers = []
         self._history = []
 
-    def setError(self, url, status, fail_after=None, fail_for=None, response=None):
-        matcher = UrlMatch(url, fail_after, status, response, fail_for=fail_for)
+    def setError(self, url, status=None, fail_after=None, fail_for=None, response=None) -> UrlMatch:
+        matcher = UrlMatch(url, fail_after, status=status, response=response, fail_for=fail_for)
         self._matchers.append(matcher)
+        return matcher
 
     def clear(self):
         self._matchers.clear()
diff --git a/hassio-google-drive-backup/dev/simulated_google.py b/hassio-google-drive-backup/dev/simulated_google.py
index 67ec2989..bc8dfe09 100644
--- a/hassio-google-drive-backup/dev/simulated_google.py
+++ b/hassio-google-drive-backup/dev/simulated_google.py
@@ -25,6 +25,8 @@
 URL_MATCH_UPLOAD_PROGRESS = "^/upload/drive/v3/files/progress/.*$"
 URL_MATCH_CREATE = "^/upload/drive/v3/files/progress/.*$"
 URL_MATCH_FILE = "^/drive/v3/files/.*$"
+URL_MATCH_DEVICE_CODE = "^/device/code$"
+URL_MATCH_TOKEN = "^/token$"
 
 
 @singleton
@@ -55,6 +57,8 @@ def __init__(self, config: Config, time: Time, ports: Ports):
         self._upload_chunk_trigger = Event()
         self._current_chunk = 1
         self._waitOnChunk = 0
+        self.device_auth_params = {}
+        self._device_code_accepted = None
 
     def setDriveSpaceAvailable(self, bytes_available):
         self.space_available = bytes_available
@@ -99,13 +103,73 @@ def routes(self):
             get('/o/oauth2/v2/auth', self._oAuth2Authorize),
             get('/drive/customcreds', self._getCustomCred),
             get('/drive/v3/about', self._driveAbout),
+            post('/device/code', self._deviceCode),
+            get('/device', self._device),
+            get('/debug/google', self._debug),
             post('/token', self._driveToken),
         ]
 
+    async def _debug(self, request: Request):
+        return json_response({
+            "custom_drive_client_id": self._custom_drive_client_id,
+            "custom_drive_client_secret": self._custom_drive_client_secret,
+            "device_auth_params": self.device_auth_params
+        })
+
     async def _checkDriveHeaders(self, request: Request):
         if request.headers.get("Authorization", "") != "Bearer " + self._auth_token:
             raise HTTPUnauthorized()
 
+    async def _deviceCode(self, request: Request):
+        params = await request.post()
+        client_id = params['client_id']
+        scope = params['scope']
+        if client_id != self._custom_drive_client_id or scope != 'https://www.googleapis.com/auth/drive.file':
+            raise HTTPUnauthorized()
+
+        self.device_auth_params = {
+            'device_code': self.generateId(10),
+            'expires_in': 60,
+            'interval': 1,
+            'user_code': self.generateId(8),
+            'verification_url': str(URL("http://localhost").with_port(self._port).with_path("device"))
+        }
+        self._device_code_accepted = None
+        return json_response(self.device_auth_params)
+
+    async def _device(self, request: Request):
+        code = request.query.get('code')
+        if code:
+            if self.device_auth_params.get('user_code', "dfsdfsdfsdfs") == code:
+                body = "Accepted"
+                self._device_code_accepted = True
+                self.generateNewRefreshToken()
+                self.generateNewAccessToken()
+            else:
+                body = "Wrong code"
+        else:
+            body = """
+            <html>
+                <head>
+                    <meta content="text/html;charset=utf-8" http-equiv="Content-Type">
+                    <meta content="utf-8" http-equiv="encoding">
+                    <title>Simulated Drive Device Authorization</title>
+                </head>
+                <body>
+                    <div>
+                        Enter the device code provided below
+                    </div>
+                    <form>
+                    <label for="code">Device Code:</label><br>
+                    <input type="text" value="Device Code" id="code" name="code">
+                    <input type="submit" value="Submit">
+                    </form>
+                </body>
+            </html>
+            """
+        resp = Response(body=body, content_type="text/html")
+        return resp
+
     async def _oAuth2Authorize(self, request: Request):
         query = request.query
         if query.get('client_id') != self.config.get(Setting.DEFAULT_DRIVE_CLIENT_ID) and query.get('client_id') != self._custom_drive_client_id:
@@ -137,14 +201,25 @@ async def _getCustomCred(self, request: Request):
 
     async def _driveToken(self, request: Request):
         data = await request.post()
-        if data.get('redirect_uri') not in ["http://localhost:{}/drive/authorize".format(self._port), 'urn:ietf:wg:oauth:2.0:oob']:
-            raise HTTPUnauthorized()
-        if data.get('grant_type') != 'authorization_code':
-            raise HTTPUnauthorized()
         if not self._checkClientIdandSecret(data.get('client_id'), data.get('client_secret')):
             raise HTTPUnauthorized()
-        if data.get('code') != self._drive_auth_code:
-            raise HTTPUnauthorized()
+        if data.get('grant_type') == 'authorization_code':
+            if data.get('redirect_uri') not in ["http://localhost:{}/drive/authorize".format(self._port), 'urn:ietf:wg:oauth:2.0:oob']:
+                raise HTTPUnauthorized()
+            if data.get('code') != self._drive_auth_code:
+                raise HTTPUnauthorized()
+        elif data.get('grant_type') == 'urn:ietf:params:oauth:grant-type:device_code':
+            if data.get('device_code') != self.device_auth_params['device_code']:
+                raise HTTPUnauthorized()
+            if self._device_code_accepted is None:
+                return json_response({
+                    "error": "authorization_pending",
+                    "error_description": "Precondition Required"
+                }, status=428)
+            elif self._device_code_accepted is False:
+                raise HTTPUnauthorized()
+        else:
+            raise HTTPBadRequest()
         self.generateNewRefreshToken()
         return json_response({
             'access_token': self._auth_token,
@@ -171,17 +246,29 @@ async def _oauth2Token(self, request: Request):
             raise HTTPUnauthorized()
         if params['refresh_token'] != self._refresh_token:
             raise HTTPUnauthorized()
-        if params['grant_type'] != 'refresh_token':
+        if params['grant_type'] == 'refresh_token':
+            self.generateNewAccessToken()
+            return json_response({
+                'access_token': self._auth_token,
+                'expires_in': 3600,
+                'token_type': 'doesn\'t matter'
+            })
+        elif params['grant_type'] == 'urn:ietf:params:oauth:grant-type:device_code':
+            if params['device_code'] != self.device_auth_params['device_code']:
+                raise HTTPUnauthorized()
+            if not self._device_code_accepted:
+                return json_response({
+                    "error": "authorization_pending",
+                    "error_description": "Precondition Required"
+                }, status=428)
+            return json_response({
+                'access_token': self._auth_token,
+                'expires_in': 3600,
+                'token_type': 'doesn\'t matter'
+            })
+        else:
             raise HTTPUnauthorized()
 
-        self.generateNewAccessToken()
-
-        return json_response({
-            'access_token': self._auth_token,
-            'expires_in': 3600,
-            'token_type': 'doesn\'t matter'
-        })
-
     def filter_fields(self, item: Dict[str, Any], fields) -> Dict[str, Any]:
         ret = {}
         for field in fields:
diff --git a/hassio-google-drive-backup/dev/simulated_supervisor.py b/hassio-google-drive-backup/dev/simulated_supervisor.py
index 6a0b9145..a154b80f 100644
--- a/hassio-google-drive-backup/dev/simulated_supervisor.py
+++ b/hassio-google-drive-backup/dev/simulated_supervisor.py
@@ -88,6 +88,7 @@ def routes(self):
             get('/supervisor/logs', self._supervisorLogs),
             get('/core/logs', self._coreLogs),
             get('/debug/insert/backup', self._debug_insert_backup),
+            get('/debug/info', self._debugInfo),
 
             get('/backups', self._getBackups),
             delete('/backups/{slug}', self._deletebackup),
@@ -309,6 +310,16 @@ async def _selfInfo(self, request: Request):
             "options": self._options
         })
 
+    async def _debugInfo(self, request: Request):
+        return self._formatDataResponse({
+            "config": {
+                "   webui": "http://some/address",
+                'ingress_url': "fill me in later",
+                "slug": self._addon_slug,
+                "options": self._options
+            }
+        })
+
     async def _miscInfo(self, request: Request):
         await self._verifyHeader(request)
         return self._formatDataResponse({
diff --git a/hassio-google-drive-backup/dev/simulationserver.py b/hassio-google-drive-backup/dev/simulationserver.py
index e035f430..d0427bfc 100644
--- a/hassio-google-drive-backup/dev/simulationserver.py
+++ b/hassio-google-drive-backup/dev/simulationserver.py
@@ -134,6 +134,7 @@ def getConfig(self) -> Config:
             Setting.AUTHORIZATION_HOST: str(self._base_url),
             Setting.TOKEN_SERVER_HOSTS: str(self._base_url),
             Setting.DRIVE_TOKEN_URL: str(self._base_url.with_path("token")),
+            Setting.DRIVE_DEVICE_CODE_URL: str(self._base_url.with_path("device/code")),
             Setting.DRIVE_REFRESH_URL: str(self._base_url.with_path("oauth2/v4/token")),
             Setting.INGRESS_PORT: 56152
         })
diff --git a/hassio-google-drive-backup/tests/conftest.py b/hassio-google-drive-backup/tests/conftest.py
index ab87983b..e983d5f4 100644
--- a/hassio-google-drive-backup/tests/conftest.py
+++ b/hassio-google-drive-backup/tests/conftest.py
@@ -15,11 +15,12 @@
 from backup.config import Config, Setting
 from backup.model import Coordinator
 from dev.simulationserver import SimulationServer
-from backup.drive import DriveRequests, DriveSource, FolderFinder
+from backup.drive import DriveRequests, DriveSource, FolderFinder, AuthCodeQuery
 from backup.util import GlobalInfo, Estimator, Resolver, DataCache
 from backup.ha import HaRequests, HaSource, HaUpdater
 from backup.logger import reset
 from backup.model import Model
+from backup.model import DummyBackup
 from backup.time import Time
 from backup.module import BaseModule
 from backup.debugworker import DebugWorker
@@ -28,7 +29,7 @@
 from backup.ha import AddonStopper
 from backup.ui import UiServer
 from .faketime import FakeTime
-from .helpers import Uploader
+from .helpers import Uploader, createBackupTar
 from dev.ports import Ports
 from dev.simulated_google import SimulatedGoogle
 from dev.request_interceptor import RequestInterceptor
@@ -147,6 +148,7 @@ async def generate_config(server_url: URL, ports, cleandir):
         Setting.DRIVE_REFRESH_URL: str(server_url.with_path("/oauth2/v4/token")),
         Setting.DRIVE_AUTHORIZE_URL: str(server_url.with_path("/o/oauth2/v2/auth")),
         Setting.DRIVE_TOKEN_URL: str(server_url.with_path("/token")),
+        Setting.DRIVE_DEVICE_CODE_URL: str(server_url.with_path("/device/code")),
         Setting.SUPERVISOR_TOKEN: "test_header",
         Setting.SECRETS_FILE_PATH: "secrets.yaml",
         Setting.CREDENTIALS_FILE_PATH: "credentials.dat",
@@ -258,6 +260,11 @@ async def estimator(injector, fs):
     return injector.get(Estimator)
 
 
+@pytest.fixture
+async def device_code(injector):
+    return injector.get(AuthCodeQuery)
+
+
 @pytest.fixture
 async def error_store(injector):
     return injector.get(ErrorStore)
@@ -374,3 +381,20 @@ async def debug_worker(injector):
 @pytest.fixture()
 async def folder_finder(injector):
     return injector.get(FolderFinder)
+
+
+class BackupHelper():
+    def __init__(self, uploader, time):
+        self.time = time
+        self.uploader = uploader
+
+    async def createFile(self, size=1024 * 1024 * 2, slug="testslug", name="Test Name"):
+        from_backup: DummyBackup = DummyBackup(
+            name, self.time.toUtc(self.time.local(1985, 12, 6)), "fake source", slug)
+        data = await self.uploader.upload(createBackupTar(slug, name, self.time.now(), size))
+        return from_backup, data
+
+
+@pytest.fixture
+def backup_helper(uploader, time):
+    return BackupHelper(uploader, time)
diff --git a/hassio-google-drive-backup/tests/test_authcodequery.py b/hassio-google-drive-backup/tests/test_authcodequery.py
new file mode 100644
index 00000000..f04eda70
--- /dev/null
+++ b/hassio-google-drive-backup/tests/test_authcodequery.py
@@ -0,0 +1,104 @@
+import pytest
+
+from backup.drive import AuthCodeQuery
+from backup.exceptions import LogicError, GoogleCredGenerateError, ProtocolError
+from dev.request_interceptor import RequestInterceptor
+from dev.simulated_google import URL_MATCH_TOKEN, SimulatedGoogle, URL_MATCH_DEVICE_CODE
+from aiohttp.web_response import json_response
+from backup.config import Config, Setting
+
+
+@pytest.mark.asyncio
+async def test_invalid_sequence(device_code: AuthCodeQuery, interceptor: RequestInterceptor) -> None:
+    with pytest.raises(LogicError):
+        await device_code.waitForPermission()
+
+
+@pytest.mark.asyncio
+async def test_success(device_code: AuthCodeQuery, interceptor: RequestInterceptor, google: SimulatedGoogle, server) -> None:
+    await device_code.requestCredentials(google._custom_drive_client_id, google._custom_drive_client_secret)
+
+    google._device_code_accepted = True
+    assert await device_code.waitForPermission() is not None
+
+
+@pytest.mark.asyncio
+async def test_google_failure_on_request(device_code: AuthCodeQuery, interceptor: RequestInterceptor, google: SimulatedGoogle, server) -> None:
+    interceptor.setError(URL_MATCH_DEVICE_CODE, 458)
+    with pytest.raises(GoogleCredGenerateError) as error:
+        await device_code.requestCredentials(google._custom_drive_client_id, google._custom_drive_client_secret)
+    assert error.value.message() == "Google responded with error status HTTP 458.  Please verify your credentials are set up correctly."
+
+
+@pytest.mark.asyncio
+async def test_failure_on_http_unknown(device_code: AuthCodeQuery, interceptor: RequestInterceptor, google: SimulatedGoogle, server) -> None:
+    await device_code.requestCredentials(google._custom_drive_client_id, google._custom_drive_client_secret)
+
+    interceptor.setError(URL_MATCH_TOKEN, 500)
+
+    with pytest.raises(GoogleCredGenerateError) as error:
+        await device_code.waitForPermission()
+    assert error.value.message() == "Failed unexpectedly while trying to reach Google.  See the add-on logs for details."
+
+
+@pytest.mark.asyncio
+async def test_success_after_wait(device_code: AuthCodeQuery, interceptor: RequestInterceptor, google: SimulatedGoogle, server) -> None:
+    await device_code.requestCredentials(google._custom_drive_client_id, google._custom_drive_client_secret)
+
+    match = interceptor.setError(URL_MATCH_TOKEN)
+    match.addResponse(json_response(data={'error': "slow_down"}, status=403))
+
+    google._device_code_accepted = True
+    await device_code.waitForPermission()
+
+    assert match.callCount() == 2
+
+
+@pytest.mark.asyncio
+async def test_success_after_428(device_code: AuthCodeQuery, interceptor: RequestInterceptor, google: SimulatedGoogle, server) -> None:
+    await device_code.requestCredentials(google._custom_drive_client_id, google._custom_drive_client_secret)
+
+    match = interceptor.setError(URL_MATCH_TOKEN)
+    match.addResponse(json_response(data={}, status=428))
+    match.addResponse(json_response(data={}, status=428))
+    match.addResponse(json_response(data={}, status=428))
+    match.addResponse(json_response(data={}, status=428))
+    match.addResponse(json_response(data={}, status=428))
+
+    google._device_code_accepted = True
+    await device_code.waitForPermission()
+
+    assert match.callCount() == 6
+
+
+@pytest.mark.asyncio
+async def test_permission_failure(device_code: AuthCodeQuery, interceptor: RequestInterceptor, google: SimulatedGoogle, server) -> None:
+    await device_code.requestCredentials(google._custom_drive_client_id, google._custom_drive_client_secret)
+
+    match = interceptor.setError(URL_MATCH_TOKEN)
+    match.addResponse(json_response(data={}, status=403))
+
+    google._device_code_accepted = False
+    with pytest.raises(GoogleCredGenerateError) as error:
+        await device_code.waitForPermission()
+    assert error.value.message() == "Google refused the request to connect your account, either because you rejected it or they were set up incorrectly."
+
+
+@pytest.mark.asyncio
+async def test_json_parse_failure(device_code: AuthCodeQuery, interceptor: RequestInterceptor, google: SimulatedGoogle, server) -> None:
+    await device_code.requestCredentials(google._custom_drive_client_id, google._custom_drive_client_secret)
+
+    interceptor.setError(URL_MATCH_TOKEN, 200)
+
+    with pytest.raises(ProtocolError):
+        await device_code.waitForPermission()
+
+
+@pytest.mark.asyncio
+async def test_repeated_failure(device_code: AuthCodeQuery, interceptor: RequestInterceptor, google: SimulatedGoogle, server, config: Config) -> None:
+    await device_code.requestCredentials(google._custom_drive_client_id, google._custom_drive_client_secret)
+
+    config.override(Setting.DRIVE_TOKEN_URL, "http://go.nowhere")
+    with pytest.raises(GoogleCredGenerateError) as error:
+        await device_code.waitForPermission()
+    error.value.message() == "Failed unexpectedly too many times while attempting to reach Google.  See the logs for details."
diff --git a/hassio-google-drive-backup/tests/test_durationasstringvalidator.py b/hassio-google-drive-backup/tests/test_durationasstringvalidator.py
new file mode 100644
index 00000000..933fe2b0
--- /dev/null
+++ b/hassio-google-drive-backup/tests/test_durationasstringvalidator.py
@@ -0,0 +1,28 @@
+from backup.config import DurationAsStringValidator
+from backup.exceptions import InvalidConfigurationValue
+from datetime import timedelta
+import pytest
+
+
+def test_minimum():
+    parser = DurationAsStringValidator("test", minimum=10)
+    assert parser.validate("11 seconds") == 11
+    assert parser.validate(11) == 11
+    with pytest.raises(InvalidConfigurationValue):
+        parser.validate("9 seconds")
+
+
+def test_maximum():
+    parser = DurationAsStringValidator("test", maximum=10)
+    assert parser.validate("9 seconds") == 9
+    assert parser.validate(9) == 9
+    with pytest.raises(InvalidConfigurationValue):
+        parser.validate("11 seconds")
+    assert parser.formatForUi(9) == "9 seconds"
+
+
+def test_base():
+    parser = DurationAsStringValidator("test", base_seconds=60)
+    assert parser.validate("60 seconds") == 1
+    assert parser.validate(60) == 60
+    assert parser.formatForUi(1) == "1 minutes"
diff --git a/hassio-google-drive-backup/tests/test_exceptions.py b/hassio-google-drive-backup/tests/test_exceptions.py
index 8acdff4e..2af73ad0 100644
--- a/hassio-google-drive-backup/tests/test_exceptions.py
+++ b/hassio-google-drive-backup/tests/test_exceptions.py
@@ -2,7 +2,7 @@
 import backup.exceptions
 import inspect
 import pytest
-from backup.exceptions import KnownError, KnownTransient, SimulatedError, GoogleDrivePermissionDenied, InvalidConfigurationValue, LogicError, ProtocolError, NoBackup, NotUploadable, PleaseWait, UploadFailed
+from backup.exceptions import GoogleCredGenerateError, KnownError, KnownTransient, SimulatedError, GoogleDrivePermissionDenied, InvalidConfigurationValue, LogicError, ProtocolError, NoBackup, NotUploadable, PleaseWait, UploadFailed
 from .conftest import ReaderHelper
 
 
@@ -20,7 +20,8 @@ async def test_verify_coverage(ui_server, reader: ReaderHelper):
         NotUploadable,
         PleaseWait,
         ProtocolError,
-        UploadFailed
+        UploadFailed,
+        GoogleCredGenerateError,
     ]
     codes = {}
     for name, obj in inspect.getmembers(backup.exceptions):
diff --git a/hassio-google-drive-backup/tests/test_model.py b/hassio-google-drive-backup/tests/test_model.py
index 417989a6..047bd396 100644
--- a/hassio-google-drive-backup/tests/test_model.py
+++ b/hassio-google-drive-backup/tests/test_model.py
@@ -771,3 +771,61 @@ async def test_generational_empty(time, model: Model, dest, source, simple_confi
     assert len(model.backups) == 0
     await model.sync(now)
     assert len(model.backups) == 1
+
+
+@pytest.mark.asyncio
+async def test_delete_ignored_other_backup_after_some_time(time: FakeTime, model: Model, dest: HelperTestSource, source: HelperTestSource, simple_config: Config):
+    # Create a few backups, one ignored
+    source.setMax(2)
+    dest.setMax(2)
+    simple_config.override(Setting.DAYS_BETWEEN_BACKUPS, 0)
+    simple_config.override(Setting.IGNORE_OTHER_BACKUPS, True)
+    simple_config.override(Setting.DELETE_IGNORED_AFTER_DAYS, 1)
+    ignored = source.insert("Ignored", time.now())
+    source.insert("Existing", time.now())
+    ignored.setIgnore(True)
+    await model.sync(time.now())
+    source.assertThat(current=2)
+    dest.assertThat(saved=1, current=1)
+    source.reset()
+    dest.reset()
+
+    time.advance(hours=23)
+    await model.sync(time.now())
+
+    source.assertThat(current=2)
+    dest.assertThat(current=1)
+
+    time.advance(hours=2)
+    await model.sync(time.now())
+    source.assertThat(current=1, deleted=1)
+    dest.assertThat(current=1)
+
+
+@pytest.mark.asyncio
+async def test_delete_ignored_upgrade_backup_after_some_time(time: FakeTime, model: Model, dest: HelperTestSource, source: HelperTestSource, simple_config: Config):
+    # Create a few backups, one ignored
+    source.setMax(2)
+    dest.setMax(2)
+    simple_config.override(Setting.DAYS_BETWEEN_BACKUPS, 0)
+    simple_config.override(Setting.IGNORE_UPGRADE_BACKUPS, True)
+    simple_config.override(Setting.DELETE_IGNORED_AFTER_DAYS, 1)
+    ignored = source.insert("Ignored", time.now())
+    source.insert("Existing", time.now())
+    ignored.setIgnore(True)
+    await model.sync(time.now())
+    source.assertThat(current=2)
+    dest.assertThat(saved=1, current=1)
+    source.reset()
+    dest.reset()
+
+    time.advance(hours=23)
+    await model.sync(time.now())
+
+    source.assertThat(current=2)
+    dest.assertThat(current=1)
+
+    time.advance(hours=2)
+    await model.sync(time.now())
+    source.assertThat(current=1, deleted=1)
+    dest.assertThat(current=1)
diff --git a/hassio-google-drive-backup/tests/test_uiserver.py b/hassio-google-drive-backup/tests/test_uiserver.py
index ee237e7f..9e34f114 100644
--- a/hassio-google-drive-backup/tests/test_uiserver.py
+++ b/hassio-google-drive-backup/tests/test_uiserver.py
@@ -29,6 +29,8 @@
 from yarl import URL
 from dev.ports import Ports
 from dev.simulated_supervisor import SimulatedSupervisor
+from dev.simulationserver import SimulationServer
+from dev.simulated_google import SimulatedGoogle
 from bs4 import BeautifulSoup
 from .conftest import ReaderHelper
 
@@ -752,33 +754,61 @@ async def test_update_sync_interval(reader, ui_server, config: Config, superviso
 
 
 @pytest.mark.asyncio
-async def test_manual_creds(reader: ReaderHelper, ui_server: UiServer, config: Config, server, session, drive: DriveSource):
+async def test_manual_creds(reader: ReaderHelper, ui_server: UiServer, config: Config, server: SimulationServer, session, drive: DriveSource):
+    periodic_check = await reader.getjson("checkManualAuth")
+    assert periodic_check['message'] == "No request for authorization is in progress."
+    drive.saveCreds(None)
+    assert not drive.enabled()
+
     # get the auth url
-    req_path = "manualauth?client_id={}&client_secret={}".format(config.get(
-        Setting.DEFAULT_DRIVE_CLIENT_ID), config.get(Setting.DEFAULT_DRIVE_CLIENT_SECRET))
-    data = await reader.getjson(req_path)
+    req_path = URL("manualauth").with_query({
+        "client_id": server.google._custom_drive_client_id,
+        "client_secret": server.google._custom_drive_client_secret})
+    data = await reader.getjson(str(req_path))
     assert "auth_url" in data
+    assert "code" in data
+    assert "expires" in data
 
-    # request the auth code from "google"
-    async with session.get(data["auth_url"], allow_redirects=False) as resp:
-        code = (await resp.json())["code"]
+    periodic_check = await reader.getjson("checkManualAuth")
+    assert periodic_check['message'] == "Waiting for you to authorize the add-on."
 
-    drive.saveCreds(None)
-    assert not drive.enabled()
-    # Pass the auth code to generate creds
-    req_path = "manualauth?code={}".format(code)
-    assert await reader.getjson(req_path) == {
-        'auth_url': "index?fresh=true"
-    }
+    # Authorize the device using the url and device code provided
+    authorize_url = URL(data["auth_url"]).with_query({"code": data['code']})
+    async with session.get(str(authorize_url), allow_redirects=False) as resp:
+        resp.raise_for_status()
+
+    # TODO: Wait for new credentials in a smarter way.
+    await asyncio.sleep(2)
 
     # verify creds are saved and drive is enabled
     assert drive.enabled()
 
-    # Now verify that bad creds fail predictably
-    req_path = "manualauth?code=bad_code"
-    assert await reader.getjson(req_path) == {
-        'error': 'Your Google Drive credentials have expired.  Please reauthorize with Google Drive through the Web UI.'
-    }
+
+@pytest.mark.asyncio
+async def test_manual_creds_failure(reader: ReaderHelper, ui_server: UiServer, config: Config, server: SimulationServer, session, drive: DriveSource):
+    drive.saveCreds(None)
+    assert not drive.enabled()
+
+    # Try with a bad client_id
+    req_path = URL("manualauth").with_query({
+        "client_id": "wrong_id",
+        "client_secret": server.google._custom_drive_client_secret})
+    data = await reader.getjson(str(req_path), status=500)
+    assert data["message"] == "Google responded with error status HTTP 401.  Please verify your credentials are set up correctly."
+
+    # Try with a bad client_secret
+    req_path = URL("manualauth").with_query({
+        "client_id": server.google._custom_drive_client_id,
+        "client_secret": "wrong_secret"})
+    data = await reader.getjson(str(req_path))
+
+    await asyncio.sleep(2)
+
+    periodic_check = await reader.getjson("checkManualAuth", status=500)
+    assert periodic_check['message'] == "Failed unexpectedly while trying to reach Google.  See the add-on logs for details."
+
+    # verify creds are saved and drive is enabled
+    assert not drive.enabled()
 
 
 @pytest.mark.asyncio
@@ -829,19 +859,26 @@ async def test_change_specify_folder_setting(reader: ReaderHelper, server, sessi
 
 
 @pytest.mark.asyncio
-async def test_change_specify_folder_setting_with_manual_creds(reader: ReaderHelper, google, session, coord: Coordinator, folder_finder: FolderFinder, drive: DriveSource, config):
+async def test_change_specify_folder_setting_with_manual_creds(reader: ReaderHelper, google: SimulatedGoogle, session, coord: Coordinator, folder_finder: FolderFinder, drive: DriveSource, config):
     google.resetDriveAuth()
-    # Generate manual credentials
-    req_path = "manualauth?client_id={}&client_secret={}".format(
-        google._custom_drive_client_id, google._custom_drive_client_secret)
-    data = await reader.getjson(req_path)
-    assert "auth_url" in data
-    async with session.get(data["auth_url"], allow_redirects=False) as resp:
-        code = (await resp.json())["code"]
     drive.saveCreds(None)
     assert not drive.enabled()
-    req_path = "manualauth?code={}".format(code)
-    await reader.getjson(req_path)
+
+    # get the auth url
+    req_path = URL("manualauth").with_query({
+        "client_id": google._custom_drive_client_id,
+        "client_secret": google._custom_drive_client_secret})
+    data = await reader.getjson(str(req_path))
+
+    # Authorize the device using the url and device code provided
+    authorize_url = URL(data["auth_url"]).with_query({"code": data['code']})
+    async with session.get(str(authorize_url), allow_redirects=False) as resp:
+        resp.raise_for_status()
+
+    # TODO: wait for creds in a smarter way
+    await asyncio.sleep(2)
+
+    assert drive.enabled()
     assert drive.isCustomCreds()
 
     await coord.sync()
@@ -1054,3 +1091,19 @@ async def test_snapshot_to_backup_upgrade_avoid_default_overwrite(reader: Reader
     assert Setting.CALL_BACKUP_SNAPSHOT.value in supervisor._options
     assert config.get(Setting.CALL_BACKUP_SNAPSHOT)
     assert config.get(Setting.MAX_BACKUPS_IN_HA) == 7
+
+
+@pytest.mark.asyncio
+async def test_ha_upload(reader: ReaderHelper, backup_helper, ui_server: UiServer, drive: DriveSource, ha: HaSource, config: Config, model, time):
+    from_backup, data = await backup_helper.createFile()
+    backup = await drive.save(from_backup, data)
+
+    config.override(Setting.DAYS_BETWEEN_BACKUPS, 0)
+    await model.sync(time.now())
+    assert len(await ha.get()) == 0
+    assert len(await drive.get()) == 1
+
+    reply = await reader.getjson(str(URL("upload").with_query({"slug": backup.slug()})))
+    assert reply['message'] == "Uploading backup in the background"
+    await ui_server.waitForUpload()
+    assert len(await ha.get()) == 1