Forum Discussion

__Martin__'s avatar
__Martin__
Copper Contributor
Jul 29, 2020

Secure Way to store lots of credentials using powershell

Dear Community 

I wanted to ask if there is any way I can store lots of creedentials while still being able to use them in Powershell?

 

I dont want to enter anything in a popup window, because there are way to many credentials to to that by hand.

Is it possible that I can just put them in some kind of file and then get the wanted informations (while the file or its contents are somehow encrypted)?

 

Thanks in advance

 

Martin

 

  • __Martin__ 

    There are many ways to encrypt your password and store them in text file, csv, database, Windows credential vault and etc., In the end you still need to decrypt it to be able to use it.

     

    So, my best bet would be to use Azure Key Vault.

     

  • i use below to export creds into an xml file (username is in plain text and passwords gets encrypted ) :-
    Get-Credential | Export-Clixml -Path "C:\Users\username\Desktop\Cred.xml"
    and then call them later using below in the required cmdlet:-
    "-Credential (Import-Clixml "C:\Users\username\Desktop\Cred.xml")"
    • __Martin__'s avatar
      __Martin__
      Copper Contributor

      DeepakRandhawa 

      First of all, thank you for your answer!

      I like your way of exporting it into a .xml file. 🙂

      But the thing is that I have to enter the credentials into a popup window. I have too many Credentials to be even remotely able to do it this way...

      Is it somehow possible that I could put all of the credentials into a .csv (for example) with the username as plain text and the password encrypted using SecureString so I have all them in one file?

       

      Cheers

       

      Martin

      • __Martin__'s avatar
        __Martin__
        Copper Contributor

        Well I kind of found a solution:

         

         

        #set credentials
        #set credentials path
        $CredPath = "C:\Scripts\Certify\mycreds.xml"
        #How many Credential Windows are going to show
        $creds = @{
          Local1 = Get-Credential -Message LocalAccount1
          Local2 = Get-Credential -Message LocalAccount2
          Local3 = Get-Credential -Message LocalAccount3
        }
        #export credentials which have been typed in manually as xml
        $creds | Export-Clixml -Path $CredPath
        
        #get credentials
        #import credentials
        $creds = Import-Clixml -Path $CredPath 
        
        #list credentials
        $creds.Local1
        $creds.Local2
        $creds.Local3
        
        # example
        Get-WmiObject -Class Win32_BIOS -ComputerName server01 -Credential $creds.Local1

         

         

        My only problem now: there are still annoying popup windows where I have to enter all of this after one another

         

        Can anyone help me with that?

         

        Thanks in advance

         

        Martin

  • Naw Awn's avatar
    Naw Awn
    Copper Contributor

    __Martin__ 

    There are many ways to encrypt your password and store them in text file, csv, database, Windows credential vault and etc., In the end you still need to decrypt it to be able to use it.

     

    So, my best bet would be to use Azure Key Vault.

     

Resources