-
Membership
Career development & professional registration-
Explore this section
Members and registered users
Enhance your career
Professional registration recognises your competence, commitment, skills and experience.
The IET provides guidance and support to enable members to undertake planned and structured Initial Professional Development (IPD) and Continuing Professional Development (CPD).
Professional development courses designed to help individuals and organisations reach and stay at the leading edge of engineering and technology.
The IET Awards reward and celebrate individual excellence, innovation and ambition (engineering scholarships).
-
-
Resources
Library, archives, bookshop, publications & factfiles-
Explore this section
E&T Jobs
Engineering & Technology Jobs
Search today for your next engineering role on Engineering & Technology Jobs, the job board hosted by the IET.
Standards
Code of Practice for Electrical Safety Management
Managing electrical safety effectively is vital in avoiding accidents, delays and unseen costs to your business. IET Standards' newest publication will help non-technical managers manage electrical safety in their organisations. The Code of Practice is now available to pre-order.
Publications
Open access
Open access publishing now available in all existing IET research and letters journals, plus our new fully open access online journal, The Journal of Engineering. Now accepting submissions.
Engineering & Technology magazine
E&T is the leading monthly magazine for all engineering professionals. Its award winning content is available in print, online and on iPad.
-
-
Get Involved
Communities, sectors, volunteers & discussion forums-
Explore this section
MyCommunity
Shape your community. Shape your world.
MyCommunity, the IET's professional network and collaboration platform, enabling you to connect, interact and exchange knowledge with your peers.
Volunteering
Interact with the IET and raise your professional profile
Volunteering can enhance your career development, is a personally rewarding experience and also benefits your Community.
-
-
Events
Conferences, seminars, courses, lectures & visits-
Explore this section
Highlighted events
20 May 2013 | IET London: Savoy Place, UK
11 - 14 June 2013 | Wyboston Lakes Hotel, Bedfordshire, UK
14 June 2013 | IET London: Savoy Place, UK
8 - 10 April 2014 | Midland Hotel, Manchester, UK
-
-
Policy & Media
Thought leadership, media centre & public affairs-
Explore this section
Media centre
IET corporate news and activities, plus comment and reaction on engineering and technology issues.
Read what the media is saying about the IET and our activities.
We can provide independent experts to talk to the media on a range of engineering and technology related subjects.
Advice and support to IET members on promoting IET activities via the media and social media.
Policy
Key topics offer summaries of the IET’s positions on many of the most important policy topics.
The IET represents the views of its members on a wide range of professional and technological issues.
Offering unbiased, independent, evidence based policy advice.
The engineering profession speaking with one voice on key issues relating to engineering.
-
 |
IET |
 |
 |  |
|
search :
help :
home
|
||
|
Latest News:
|
|
|
|
Topic Title: Secure Login Topic Summary: Created On: 04 August 2012 06:25 PM Status: Post and Reply |
Linear : Threading : Single : Branch |
 Search Topic |
Topic Tools
|
 04 August 2012 06:25 PM
|
|
|
When is the IET going to offer secure logins to the forums, or is this something beyond their budget or technicial capabilities?
|
|
|
|
|
|
04 August 2012 10:51 PM
|
|
|
So far as I can tell, it does use https. However, it's all hidden - there doesn't appear to be a separate https login page.
------------------------- S P Barker BSc PhD MIET |
|
|
|
|
|
05 August 2012 04:49 PM
|
|
|
So far as I can tell, it does use https. However, it's all hidden - there doesn't appear to be a separate https login page. As far as I can see I can login unsecured then click on 'My IET' button which takes me to a secured (https) page. This is pretty much useless as anyone (on the network) could capture my unsecured login password and have full access to do havock on the forums (not that I'm entirely innocent on that score  ) and view details about me and change things as they please.
The same can happen to anyone. Access needs to be made more secure. |
|
|
|
|
|
06 August 2012 05:08 PM
|
|
|
Thanks for raising this. ectophile is correct that log-ins are submitted under HTTPS.
The IET takes security very seriously, and will continue to maintain and upgrade its systems. These are also subject to regular third-party audits. We'll keep reviewing the design and introducing changes as appropriate. Regards ------------------------- David Rossall Manager, Internet Services Group The Institution of Engineering and Technology |
|
|
|
|
|
08 August 2012 07:50 PM
|
|
|
Just to be clear on this.
When I enter my username and password in the white boxes, which are echoed back to me (though password is in dotted fortmat) the page is still in non-secured http mode. Therefore anyone can potentially capture my login details as I enter them. It's only when I hit the green 'Login' button that I am then taken to a secured https page. But by then it's to late as far as security is concerned. We should be taken to a secured https page after hitting the green Login button. Then allowed to enter our details to be authenticated. That's how the Banks do it. |
|
|
|
|
|
08 August 2012 11:56 PM
|
|
|
That's not correct.
You can enter your username and password on almost any page. That page has already been delivered to your PC (as you say, under HTTP), so that you can view it. When you key your password, you're just putting it into your local PC. When you then submit the form with your username and password, you do so to this page: https://logon.theiet.org/login.cfm That's under HTTPS, so your login is protected. That's not to say that there are no benefits to having the username/password form under HTTPS, so we are looking at it as part of the normal process of review that I have mentioned. Levels of security need to be appropriate to the context. Bank-level security comes at a cost to the provider and to the user - for the latter, it's in the form of the inconvenience of one-time passwords or other additional security measures, that would not be used on most Web sites. On the other hand, the IET is very aware that it holds members' personal data and conducts financial transactions, and must take measures accordingly. Hope this helps. Regards ------------------------- David Rossall Manager, Internet Services Group The Institution of Engineering and Technology |
|
|
|
|
|
09 August 2012 07:41 PM
|
|
|
Thanks for the clarification.
|
|
|
|
|
|
IET
» Feedback and questions
»
Secure Login
|
Topic Tools |
See Also:
|
|
| Technical discussion forums |
|
| · | Wiring and the regulations |
| · | Built environment |
| · | Design and production engineering |
| · | Control and automation |
| · | Communications engineering |
| · | Information technology |
| · | Energy |
| · | Transport engineering |
| · | Airfield engineering |
| · | Electronic engineering |
| · | Management in engineering |
| · | Consumer technology |
| · | Other and general engineering discussions |
| Professional and career discussion forums |
|
| · | Feedback and questions |
| · | CEng, IEng, EngTech and other professional registration matters |
| · | Savoy Place Virtual Club |
| · | Student and apprentice discussion forum |
| · | Young Professionals Community |
| Archived categories |
FuseTalk Standard Edition v3.2 - © 1999-2013 FuseTalk Inc. All rights reserved.
