Last Updated: 8/27/2017
Recent changes at Vanguard prompted another round of minor patches to the scripts, which can be downloaded @ https://sites.google.com/site/pocketsense/home/msmoneyfixp1/p2.
Detail: Vanguard is now using session tokens (cookies). There were a number of ways to handle it, but I chose to allow the first connection attempt to fail, and return the server-response cookie on the next attempt, thus using the same tokens as the server. We could instead send a client token on the first pass, and skip the double-connect, but that requires an assumption re: expected server tokens. The hope is that the chosen method will support changes at other banks, should they choose to use session keys, regardless of token names.
I must say, however, that I don't see the benefit of using session management, when it's a one-pass post/response transaction. My guess is that they implemented (or upgraded) a general purpose service api, which happens to manage persistent sessions, by default.