I suspect there is a fraud system in place that is getting confused when you switch between Disney WiFi and cellular because your IP address keeps changing. If the system were smarter or more well designed, it might account for or whitelist Disney WiFi IP addresses and not count it "against" you. Or create a geofence around the Disney World park area or take into account the fact that it knows you're in the parks or staying at a hotel... A lot of things could be used to avoid so many false positives on it tripping - Disney could even do what the majority of companies do and allow users to enable MFA and allow you to whitelist devices after entering the MFA code once. But we all know how good Disney IT is
That is my assumption though - that it thinks there is strange and therefore possibly fraudulent activity because your IP and possibly because of this your GeoIP location keeps changing.
I notice I rarely if ever get an email verification passcode when I'm at home, and my IP address stays the same but when I'm at the parks I get them often (and usually at the most inconvenient times)