FAQ : 2FA / OTP / Confirm Your Identity / locked out of account issues
Aug 25, 2023, 5:44 pm
#31
Join Date: Jun 2005
Location: SAN
Programs: AS MVP Gold, Marriott Plat, ICH Plat, HH Gold
Posts: 4,404
Be careful with the Marriott Bonvoy Android App. I briefly had 2FA enabled a month or so ago. I disabled it to avoid the hassles and the potential account lockout. Now, virtually every time I go into the Marriott Bonvoy Android App a pop up screen comes up for an enhancing my account security (pronounced 2FA). So I now have the added nuisance of declining 2FA every time I use the app. YMMV..
Actually misread your message, it's a prompt if you do NOT have 2FA enabled. What I was referring to that if the Android app requires you to login again (every now and then), you use biometric login but it still does the 2FA stuff
Aug 25, 2023, 9:56 pm
#32
FlyerTalk Evangelist
Join Date: Mar 2002
Location: Saipan, MP 96950 USA (Commonwealth of the Northern Mariana Islands = the CNMI)
Programs: UA Silver, Hilton Silver. Life: UA .57 MM, United & Admirals Clubs (spousal), Marriott Platinum
Posts: 15,411
I have had this pop-up every time I use the app for several weeks now. I have never enabled 2FA.
Aug 26, 2023, 10:18 am
#33
FlyerTalk Evangelist
Join Date: Dec 2006
Location: Pacific Northwest
Programs: UA Gold 1MM, AS 75k, AA ExPlat, Bonvoyed Gold, Honors Dia, Hyatt Explorer, IHG Plat, ...
Posts: 17,140
Seems like accounts with 2FA have better protection against pilfering for points, so a lock-out period when account contact info is changed would be more helpful for accounts that are not protected by 2FA.
Sep 9, 2023, 12:06 pm
#34
Join Date: Mar 2011
Location: Miami, Florida
Posts: 110
PSA: Marriott 2FA/OTP - Major Issues (4+ Day Complete Account Lockout No Support)
This has been discussed before but wanted to start a thread to discuss it a bit and any potential resolutions.
First and Foremost, I can't believe a $20 Billion+ Revenue company with what seems like even stateside customer service has the worst 2FA implementation of all time.
PSA: Do NOT turn on Marriott 2FA.
1) 2FA does not have a "Remember this device" option, you are challenged every time to enter the 6 digit code sent to your email/phone.
2) If you make a award booking like myself, and the phone number area is blank and you put in the wrong number it locks your account out.
What's the kicker? There is NO support for this, when you call they say "oh yea you have to wait 4-7 days to get back in".... HUH?
When you log in with your correct password, instead of getting to the screen where you put in the 6 digit code it emails you, instead you are greeted with this:
To add insult to injury, I didn't update my phone OR my email address, and the cust service rep looked over and confirmed that as well, but when you call them, they cannot do a single thing but tell you "we don't have access to do anything, you just have to wait, 4 days, maybe 5 days, maybe 7 days".
INSANE a company this big has this type of 2FA implementation. I'm going on day 5 currently mid-stay at a hotel, locked out of my app, so I can't use Mobile Key, Chat with Front Desk features, Mobile Checkin/Checkout, nothing. WILD.
First and Foremost, I can't believe a $20 Billion+ Revenue company with what seems like even stateside customer service has the worst 2FA implementation of all time.
PSA: Do NOT turn on Marriott 2FA.
1) 2FA does not have a "Remember this device" option, you are challenged every time to enter the 6 digit code sent to your email/phone.
2) If you make a award booking like myself, and the phone number area is blank and you put in the wrong number it locks your account out.
What's the kicker? There is NO support for this, when you call they say "oh yea you have to wait 4-7 days to get back in".... HUH?
When you log in with your correct password, instead of getting to the screen where you put in the 6 digit code it emails you, instead you are greeted with this:
To add insult to injury, I didn't update my phone OR my email address, and the cust service rep looked over and confirmed that as well, but when you call them, they cannot do a single thing but tell you "we don't have access to do anything, you just have to wait, 4 days, maybe 5 days, maybe 7 days".
INSANE a company this big has this type of 2FA implementation. I'm going on day 5 currently mid-stay at a hotel, locked out of my app, so I can't use Mobile Key, Chat with Front Desk features, Mobile Checkin/Checkout, nothing. WILD.
Last edited by kromix; Sep 9, 2023 at 12:39 pm
Sep 9, 2023, 6:58 pm
#35
FlyerTalk Evangelist
Join Date: Mar 2002
Location: Saipan, MP 96950 USA (Commonwealth of the Northern Mariana Islands = the CNMI)
Programs: UA Silver, Hilton Silver. Life: UA .57 MM, United & Admirals Clubs (spousal), Marriott Platinum
Posts: 15,411
To save others the time of looking up internet acronyms, the conclusion to the foregoing original post (OP) could be read as, "Wild!" 
Sep 9, 2023, 7:47 pm
#36
FlyerTalk Evangelist
Join Date: Jun 2007
Location: Toronto
Programs: UA 1K, AC MM E75, Marriott LT Ti, IHG Dia Amb, Hyatt Glob
Posts: 15,554
https://www.flyertalk.com/forum/marr...t-account.html
Why/how did you get caught in the same situation that you were already warned about?
My account has twice been changed to 2FA by either Marriott or some IT ghosts, Both times, I went into my profile and turned it off again.
Sep 9, 2023, 9:20 pm
#37
Join Date: Mar 2011
Location: Miami, Florida
Posts: 110
Since you’re familiar with this thread:
https://www.flyertalk.com/forum/marr...t-account.html
Why/how did you get caught in the same situation that you were already warned about?
My account has twice been changed to 2FA by either Marriott or some IT ghosts, Both times, I went into my profile and turned it off again.
https://www.flyertalk.com/forum/marr...t-account.html
Why/how did you get caught in the same situation that you were already warned about?
My account has twice been changed to 2FA by either Marriott or some IT ghosts, Both times, I went into my profile and turned it off again.
Needless to say, I disabled 2FA and put a long 20 character randomized password only.
Just mind-boggling this companies revenue and their ability (or lack thereof) to have the bare minimum.
Last edited by kromix; Sep 9, 2023 at 9:28 pm
Sep 10, 2023, 7:28 am
#38
FlyerTalk Evangelist
Join Date: Mar 2010
Location: DAY
Programs: UA 1K 1MM; Marriott LT Titanium; Amex MR; Chase UR; Hertz PC; Global Entry
Posts: 10,246
Since youre familiar with this thread:
https://www.flyertalk.com/forum/marr...t-account.html
Why/how did you get caught in the same situation that you were already warned about?
My account has twice been changed to 2FA by either Marriott or some IT ghosts, Both times, I went into my profile and turned it off again.
https://www.flyertalk.com/forum/marr...t-account.html
Why/how did you get caught in the same situation that you were already warned about?
My account has twice been changed to 2FA by either Marriott or some IT ghosts, Both times, I went into my profile and turned it off again.
Sep 10, 2023, 9:19 am
#39
Join Date: Mar 2011
Location: Miami, Florida
Posts: 110
Sep 30, 2023, 6:13 am
#41
FlyerTalk Evangelist
Join Date: Jun 2007
Location: Toronto
Programs: UA 1K, AC MM E75, Marriott LT Ti, IHG Dia Amb, Hyatt Glob
Posts: 15,554
Since youre familiar with this thread:
https://www.flyertalk.com/forum/marr...t-account.html
Why/how did you get caught in the same situation that you were already warned about?
My account has twice been changed to 2FA by either Marriott or some IT ghosts, Both times, I went into my profile and turned it off again.
https://www.flyertalk.com/forum/marr...t-account.html
Why/how did you get caught in the same situation that you were already warned about?
My account has twice been changed to 2FA by either Marriott or some IT ghosts, Both times, I went into my profile and turned it off again.
Just turned off 2FA for the third time! At least now I know to turn it off as soon as it happens.
Dec 20, 2023, 10:44 am
#42
Join Date: Dec 2023
Posts: 1
Still an issue
As of 6 months after the OPs initial post, can confirm this ridiculous issue is still a problem as I just encountered it. Locked out of my account because of 2FA after changing the number associated with my account. No warning whatsoever that if I updated my number that I would effectively be locked out for almost a week and multiple calls to customer service confirm they have no idea this problem exists and they had me take all the same futile steps everybody above listed. Bonvoy app is a loyalty app that inspires anything but loyalty.
Dec 20, 2023, 2:17 pm
#43
Join Date: Apr 2007
Location: Toronto, Ont., Canada
Programs: Aeroplan; Marriott Platinum; IHG Platinum; Best Western Diamond
Posts: 2,199
I had also encountered this, got locked out. Quite frustrating.
Marriott told me they have NO IT Dept., when I reported it.
But Marriott feels it's just fine, when many customers are locked out and cannot book/change anything for 5 days.
Marriott told me they have NO IT Dept., when I reported it.
But Marriott feels it's just fine, when many customers are locked out and cannot book/change anything for 5 days.
Dec 21, 2023, 1:40 pm
#44
Join Date: Dec 2007
Location: SFO
Programs: UA 1MM, Marriott LTP, Hilton Gold, Hyatt Explorist, Hertz PC
Posts: 1,003
This just happened to me. I reported the details in another thread before I found this thread. My problem is I didn't change my phone number. I received 3 emails (at the same time) informing me that I had changed my phone number after I made a new reservation. The only thing I could think of is I checked "save this information to my preference" (don't remember the exactly wording) on the reservation page.
Is it true that there is nothing anyone can do except waiting for 5 days?
Is it true that there is nothing anyone can do except waiting for 5 days?
Last edited by naumank; Dec 21, 2023 at 2:16 pm