You can click on forgot password and there is an option for them to send you your password. I copied ad pasted the password from their email in order to log on.

Marriott not requiring passwords to be case sensitive is totally against IT best practices. It explains why my password appeared in upper case in their email. But why couldn't I log in, 3 attempts, with it in mixed case? That's a rhetorical question. Yes, caps lock was off on all 3 attempts.

As others have noted, emailing password is is also against IT best practices.

I work in the IT field, and yes I have changed my password to something completely different.

FWIW, the first thing I checked was mileage balances, reservations, etc and all were fine. As far as phishing, I NEVER click on any links in email, so little chance of me be phished.

Perhaps this is just an isolated case of their security being down for a breif period when I was attempting to log in. Anyway, thought I should mention it to the forum just in case it wasn't.

At least it did alert us to their shoddy security practices. Of course as many of use old timers are aware that doesn't come as a surprise with the inept Marriott Marketing, oops I mean IT department. Even though their web site comes up lacking from a functional and user friendly perspective, at least it looks good and requires lots of scrolling down and extra mouse clicks, and we all know that is all that matters to Marriott.