Just received email from DVC about log in.

[Tigger2ntinkerbell]

Did they change it again from the 2 step process?

​

​ Dear Disney Vacation Club® Member, Previously, we notified you of an upcoming change to how Members access their Membership accounts on www.disneyvacationclub.com. During this transition, we learned that one aspect of the process was not working the way we originally intended. Therefore, we have made the decision to revert to the previous login process, and plan to implement additional enhancements in the coming months. We appreciate your understanding and will continue to provide updates on our efforts. Sincerely, Disney Vacation Club

 

[snappy]

I received the same email.

 

[Tigger2ntinkerbell]

Weird it's some type of flaw, but they're not explaining it very well.

 

[WDW Traveler]

Got the same email. I hadn't had one single issue with the log in since it started. Every time I logged in, asked for the text, got the text within seconds, entered the # and logged on.

Weird that some had a terrible time.

 

[TCRAIG]

Got the same email. I hadn't had one single issue with the log in since it started. Every time I logged in, asked for the text, got the text within seconds, entered the # and logged on.

Weird that some had a terrible time.

Same here - I really thought it was one thing that Disney IT implemented that really worked…but I’m glad it’s been reversed out…

 

[ak517]

The issue was that you could enter anything for the password and get the code texted or emailed. There's another thread about it somewhere.

 

[drusba]

They probably decided they could not continue with something on the website that worked flawlessly because it would inordinately raise member expectations for fixing all the other problems with the site.

 

[Jgc014]

I was thinking it was because of this - https://dvcnews.com/dvc-program/pol...on-club-website-not-validating-user-passwords

 

[Tigger2ntinkerbell]

Great now we're going to have issues with the websitLOL

 

[dez1978]

Got the same email. I hadn't had one single issue with the log in since it started. Every time I logged in, asked for the text, got the text within seconds, entered the # and logged on.

Weird that some had a terrible time.

How did you get it to text you instead of emailing? I can't find the option to change that?

 

[bobbiwoz]

I never tried another password and also got the text within seconds. However, if it didn’t care what password you used, it really did need to be fixed.

 

[WDW Traveler]

How did you get it to text you instead of emailing? I can't find the option to change that?

When I first got the email about the 2-factor identification, I logged into my DVC account and checked to make sure I had a cell phone listed. I did, so I guessed I was ok, and when I first logged in (and every time after), there were two options to get the code - Text or Email.

 

[DVCjj]

Disney's IT is embarrassing.

 

[The Jackal]

They were just going for a 2 step single authentication log in. At least it worked, just not the way it was supposed to.

 

[kes601]

How did you get it to text you instead of emailing? I can't find the option to change that?

Go into MDE / View Your Profile / Account Settings and either add or verify your mobile number.

 

[com_op_2000]

I am one of those with a painful experience logging in with the 2FA.
Would not get the e-mail at times, sometimes got the text, not able to access my account when I needed too. Talked with MS multiple times and tech support, not much help except by by-passing the 2FA process. They state it is cause of the browsers I use, I disagree. When on the phone with them tried other browser and still had the same issues at times.

 

[ScubaCat]

I ran the email through my special disney management terminology decoder:

-----

Dear Disney Vacation Club® Member,

Previously, we notified you of an upcoming change to how Members access their Membership accounts on www.disneyvacationclub.com. During this transition, we learned that there are consequences from the fact that, years ago, we laid off the entire staff that developed the site and nobody is left that has any idea how any of it works. What is a very easy and routine change in a properly managed platform simply did not work and instead opened a gaping security hole, putting all of our members' private data and resort reservations at significant risk. Therefore, it took us 2 weeks to simply revert to the previous login process. We still plan to implement additional enhancements in the coming months if we can recruit individuals with the skills needed to understand our existing code and the tolerance to work under these conditions.

We appreciate your understanding and will continue to provide updates on our efforts.

Sincerely,
Disney Vacation Club

 

[Brett Wyman]

I hate the 2fa. I log in too often to have to get an email code. Id say 2fa ever 30 days per "new" device is plenty.

 

[ScubaCat]

I hate the 2fa. I log in too often to have to get an email code. Id say 2fa ever 30 days per "new" device is plenty.

They couldn't even make this overly-simplistic version work. I wouldn't hold my breath for them to successfully set a browser cookie or store a client hash value.

They're an absolute clown show. I cannot stress enough the level of incompetence they exhibited here.

 

[CarolynFH]

I ran the email through my special disney management terminology decoder:

-----

Dear Disney Vacation Club® Member,

Previously, we notified you of an upcoming change to how Members access their Membership accounts on www.disneyvacationclub.com. During this transition, we learned that there are consequences from the fact that, years ago, we laid off the entire staff that developed the site and nobody is left has any idea how it works. What is a very easy and routine change in any properly managed platform simply did not work and instead opened a gaping security hole, putting all of our members' private data and resort reservations at significant risk. Therefore, it took us 2 weeks to simply revert to the previous login process. We still plan to implement additional enhancements in the coming months if we can recruit individuals with the skills needed to understand our existing code and the tolerance to work under these conditions.

We appreciate your understanding and will continue to provide updates on our efforts.

Sincerely,
Disney Vacation Club

I tapped the Laugh emoji, but I wanted to cry, too, because this is so true. As I’ve said elsewhere, I think they were using us as the test group before rolling out 2FA to the other Disney OneID sites. MDE users owe us some thanks for preventing them from having to deal with it too soon!