• Welcome to the FREE TUGBBS forums! The absolute best place for owners to get help and advice about their timeshares for more than 32 years!

    Join Tens of Thousands of other owners just like you here to get any and all Timeshare questions answered 24 hours a day!
  • TUG started 32 years ago in October 1993 as a group of regular Timeshare owners just like you!

    Read about our 32nd anniversary: Happy 32nd Birthday TUG!
  • TUG has a YouTube Channel to produce weekly short informative videos on popular Timeshare topics!

    All subscribers auto-entered to win all free TUG membership giveaways!

    Visit TUG on Youtube!
  • TUG has now saved timeshare owners more than $24,000,000 dollars just by finding us in time to rescind a new Timeshare purchase! A truly incredible milestone!

    Read more here: TUG saves owners more than $24 Million dollars
  • Wish you could meet up with other TUG members? Well look no further as this annual event has been going on for years in Orlando! How to Attend the TUG January Get-Together!
  • Now through the end of the year you can join or renew your TUG membership at the lowest price ever offered! Learn More!
  • Sign up to get the TUG Newsletter for free!

    Tens of thousands of subscribing owners! A weekly recap of the best Timeshare resort reviews and the most popular topics discussed by owners!
  • Our official "end my sales presentation early" T-shirts are available again! Also come with the option for a free membership extension with purchase to offset the cost!

    All T-shirt options here!
  • A few of the most common links here on the forums for newbies and guests!

2-factor authentication on the way for the website

dioxide45 said:
I saw this, and watched the video. I wonder if this is also another method to limit point brokers?
Click to expand...

That was my first thought too. I doubt they are actually worried about security and see it as a way to make it harder for points brokers.

I mean when you call in they literally only ask your name and address and phone number. Very basic stuff that is very easy to find- not very secure!
 
jwalk03 said:
That was my first thought too. I doubt they are actually worried about security and see it as a way to make it harder for points brokers.

I mean when you call in they literally only ask your name and address and phone number. Very basic stuff that is very easy to find- not very secure!
Click to expand...
I recall an incident a couple years ago where they, or someone, claimed that an owner's account was compromised and points "stolen" and rented. Those renters had their reservations cancelled and lost. Some were out a lot of money. I suppose this would help in that regard.
 
Hindsite said:
About time..
View attachment 120780
Click to expand...


I'm surprised they are just introducing this to their members now. I already have this and have been using this since August of 2025.

Since I've been using this for 5 months I don't believe the January 24th, 2026 shutdown of the website has anything to do with the two factor authentication.

I would suggest TUG members contacting the Marriott helpless desk if you want to place it into effect immediately for your own account. By the way, I strongly urge everyone to do this in order to prevent any unauthorized persons from potentially accessing your Marriott Point Balance (which is a serious ongoing issue for Marriott members).




















.
 
They're a couple of years behind the curve with this. If they had implemented 2FA back when it started to take off across a variety of industries on their apps and websites, maybe by now they'd be free to focus on at least some sort of usability improvements...
 
TheTimeTraveler said:
I'm surprised they are just introducing this to their members now. I already have this and have been using this since August of 2025.

Since I've been using this for 5 months I don't believe the January 24th, 2026 shutdown of the website has anything to do with the two factor authentication.

I would suggest TUG members contacting the Marriott helpless desk if you want to place it into effect immediately for your own account. By the way, I strongly urge everyone to do this in order to prevent any unauthorized persons from potentially accessing your Marriott Point Balance (which is a serious ongoing issue for Marriott members).




















.
Click to expand...
What Marriott point balance are you referring to? What Marriott members are you referring to? What website are you referring to?
 
TheTimeTraveler said:
I'm surprised they are just introducing this to their members now. I already have this and have been using this since August of 2025.

Since I've been using this for 5 months I don't believe the January 24th, 2026 shutdown of the website has anything to do with the two factor authentication.

I would suggest TUG members contacting the Marriott helpless desk if you want to place it into effect immediately for your own account. By the way, I strongly urge everyone to do this in order to prevent any unauthorized persons from potentially accessing your Marriott Point Balance (which is a serious ongoing issue for Marriott members).
Click to expand...
I can't find any way to set up 2FA on the website at this time. It seems you set yours up manually? I don't think they would want to do have to do that for every owner. So the website shutdown might be intended as a rollout to all owners and making 2FA required.
 
dioxide45 said:
I can't find any way to set up 2FA on the website at this time. It seems you set yours up manually? I don't think they would want to do have to do that for every owner. So the website shutdown might be intended as a rollout to all owners and making 2FA required.
Click to expand...


Someone had attempted to transfer 400,000 of my credit card points into their airline account to use with their airline miles account. Marriott loss prevention smelled something fishy and notified me of the attempted fraud. At the time I said that was a good reason to establish two factor authentication. To my surprise they already had it available and they gladly provided it to me immediately when this occurred back in August of 2025.

If they provided it to me it proves they are already set up to do it for anyone (in my opinion). They set it up for me over the phone at the time.












.
 
TheTimeTraveler said:
Someone had attempted to transfer 400,000 of my credit card points into their airline account to use with their airline miles account. Marriott loss prevention smelled something fishy and notified me of the attempted fraud. At the time I said that was a good reason to establish two factor authentication. To my surprise they already had it available and they gladly provided it to me immediately when this occurred back in August of 2025.

If they provided it to me it proves they are already set up to do it for anyone (in my opinion). They set it up for me over the phone at the time.
Click to expand...
Though you are saying credit card points, it sounds like you are referring to Marriott Bonvoy? Not your Marriott Vacation Club ownership account. This thread is about MVC, not Bonvoy. It seems that the Marriott.com/Bonvoy website has had 2FA since 2022.
 
dioxide45 said:
Though you are saying credit card points, it sounds like you are referring to Marriott Bonvoy? Not your Marriott Vacation Club ownership account. This thread is about MVC, not Bonvoy. It seems that the Marriott.com/Bonvoy website has had 2FA since 2022.
Click to expand...


Yes, Marriott Bonvoy















.
 
TheTimeTraveler said:
Someone had attempted to transfer 400,000 of my credit card points into their airline account to use with their airline miles account. Marriott loss prevention smelled something fishy and notified me of the attempted fraud. At the time I said that was a good reason to establish two factor authentication. To my surprise they already had it available and they gladly provided it to me immediately when this occurred back in August of 2025.

If they provided it to me it proves they are already set up to do it for anyone (in my opinion). They set it up for me over the phone at the time.












.
Click to expand...
Yes on the Marriott Hotel side. Bonvoy , Mother Marriott ~ Whatever the heck you want to call them... I have also had 2 factor for a long time now. Can't even remember when I turned that on? Been that long.

That is the basic SMS text 2FA. Yes that is a good method.

Good : SMS text
Better: Authentication app on your mobile
Best: Hardware key such as Yubikey.

The SMS text is easy and ubiquitous. However it can be hacked by bad actors.

As you go to the Better and Best options it does present more technical intervention. This in turn does have a negative effect on acceptance and usage.

I doubt they will offer the Hardware key as option. If they do present the hardware key I will adopt that option.
I do hope they at least offer the Better option of the authentication app on mobile such as Authy.
 
Good move. Seems like there a couple of posts per week in the /AlaskaAirlines Reddit site about people having their accounts get hacked. No 2FA available. Not sure what they are waiting for.
 
You must log in or register to reply here.
Top