Forum Discussion
Powershell masking password
Hello Everyone, I have the script (API POST) below which is working fine. $UserPass = "username:password" [string]$stringToEncode=$UserPass $encodedString=[Convert]::ToBase64String([Syst...
Hi, Roel.
A secure string is encrypted, not simply encoded (which is what base64 conversion is). You cannot easily read a secure string a plain text - which is by design (or it wouldn't be particularly secure, and barely even obscure).
There are various ways to coerce the SecureString value back to plain text, where the easiest is to leverage the built-in [pscredential] class.
Note: Secure string objects are not portable between machines. I mention this solely because I've seen people in the past try to save them on the machine they've generated them, port the script and saved encrypted password to another machine and wonder why it doesn't work. It's not meant to, so don't try.
Example
# Replace this line from your script/forum post.
$UserPass = "username:$(Read-Host -Prompt "Please type the password" -AsSecureString)"
# With these lines. Note: The username parameter in the pscredential constructor is ignored in this example, meaning it can be any value.
$Password = Read-Host -Prompt "Enter password" -AsSecureString;
$Credential = [pscredential]::new("Foo", $Password);
$UserPass = "username:$($Credential.GetNetworkCredential().Password)";
Cheers,
Lain