Depends. If there only using the MAC Authentication to control access to WiFi, then I agree it limits the exposure. On the other hand, if you're making it that easy to get on the WiFi, no reason to bother with authentication at all and just make it a truly open SSID. The potential exposure comes if at some point Marriott (or other companies) start using MAC Authentication as way to do authorization for your MR (or other company) account. Granted I haven't seen Marriott nor anyone else do this yet; however, who knows where they will go next. Using MAC Authentication sets a bad precedent. My two cents....

--Jon