Run PowerShell with different credentials without prompt on remote machines

I want to run the below command using a different user (domain\administrator) without prompting to enter a password; basically, I want to append the credentials in this command if required.

 

powershell.exe -executionpolicy Bypass -file %script%

 

Expecting: not sure this can be done.

powershell.exe -executionpolicy Bypass -file %script% -Credentials -Username user -Password password

 

 

 

Thanks,

7 Replies
Perhaps starting the PowerShell session using Start-Process with the -Credential option works for you? This should allow you to pass both a username and password to run the process under.

https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.management/start-process?vie...
I have the same issue, did you ever figure out a solution?

@kalva1kk 

 

You can leverage Start-Process as mentioned by @pvanoord above.

One downside to this method is that you have to pass the credentials across in some fashion, and I've seen a lot of people take the lazy approach of passing them in clear text.

 

A "better" (subjective statement) approach would be to establish the credential client-side (since most people are familiar with Get-Credential already) and use that in a call to Invoke-Command. Here's a crude example:

$RemoteCredential = Get-Credential;
Invoke-Command -UseSSL -ComputerName somehost.mydomain.com -Credential $RemoteCredential -ScriptBlock { dir C:\ };

 

(note: if you haven't configured secure WinRM, then leave out the -UseSSL)

 

Of course, there are other options for achieving the same thing but for this specific use case, this is the one I'd recommend for a few reasons.

 

If the first one is that it keeps the credential relatively secure, then the second reason would be that Invoke-Command can accept multiple remote hosts for the -ComputerName parameter, and if multiple hosts are provided, it spawns tasks in parallel (up to a default or nominated limit which is beyond the scope of this discussion.)

 

Where you have to run that command on a large number of remote hosts, this results in significant time savings.

 

Cheers,

Lain

Why not embed your credential in your code?

$credential = New-Object -TypeName "System.Management.Automation.PSCredential" -ArgumentList "UserName","Password"

powershell.exe -executionpolicy Bypass -file %script% -Credentials $credential

Using Install-Module -Name CredentialManager is also a good approach for credentials.

@Alan2022 

 

Firstly, it's bad practice to embed clear-text credentials in a script (I'd even include base64 as that's not actually encryption and can easily be reversed.)

 

Fetching them from a remote credentials store (such as Azure Key Vault, your suggestion of the downloadable CredentialManager module, or even a custom database) or prompting for them once prior to calling the script x times is okay, but not direct inclusion in the code. Of course, the obvious issue here is that none of these approaches can be leveraged "out of the box", which is another reason why staging the credential prior to calling the script is advantageous (since you'd only need the custom approach to be functional on the host doing the remote callouts.)

 

Secondly, powershell.exe does not actually contain a "-Credentials" parameter.

 

about PowerShell exe - PowerShell | Microsoft Docs

 

Lastly, I'd strongly recommend not leveraging the Bypass execution policy unless there's a profoundly compelling reason for doing so as that undermines system security - possibly for no good reason.

 

It's a rare day when RemoteSigned is found to be too restrictive.

 

Cheers,

Lain

Hi @LainRobertson

Any idea how to pass the user credential from Task Scheduler to the PowerShell script to be more secure in running custom reports?
Currently I'm using the CredentialManager module, but if you have a more secure, proper way, I hope you could share what the best approach is for this.
Thanks.

@Alan2022 

 

I don't have a single preferred method since not all environments I visit are the same. If Credential Manager works for you then that ought to be fine.

 

So long as credentials aren't being stored directly within the script, then that satisfies good scripting practice.

 

The question then changes to "how securely are your credentials stored" and maybe also "are they being transmitted over the wire in plain text", but those kinds of questions are not specific to PowerShell and therefore not really PowerShell "best practice"-related.

 

Cheers,

Lain

 

Edited to fix a typo and some grammar.
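
Added example (not part of any post in this thread): one way to stage a credential once on the calling host and then run a script file on several remote hosts with Invoke-Command, as discussed in the replies about staging the credential client-side and about scheduled tasks. The function names, file path and host names are hypothetical; it assumes Windows, where Export-Clixml stores the password encrypted with DPAPI for the current user on the current machine.

```powershell
#Requires -Version 5.1
# Added example; function names, paths and host names are hypothetical.

function Get-StagedCredential {
    # Returns a PSCredential, prompting only when no staged copy exists yet.
    param(
        [Parameter(Mandatory)] [string] $Path
    )
    if (Test-Path -LiteralPath $Path) {
        # On Windows the password in this file is DPAPI-encrypted, so only the
        # same user on the same machine that created it can read it back.
        return Import-Clixml -LiteralPath $Path
    }
    # First run: do this interactively as the account that will run the
    # scheduled task, because a non-interactive task cannot answer the prompt.
    $credential = Get-Credential -Message 'Account for the remote hosts'
    $credential | Export-Clixml -LiteralPath $Path
    return $credential
}

function Invoke-ScriptOnHosts {
    # Runs a local script file on every host in parallel and returns the
    # output together with any per-host errors instead of stopping on the first.
    param(
        [Parameter(Mandatory)] [string[]]     $ComputerName,
        [Parameter(Mandatory)] [string]       $FilePath,
        [Parameter(Mandatory)] [pscredential] $Credential,
        [int]    $ThrottleLimit = 32,   # 32 is Invoke-Command's default
        [switch] $UseSSL                # only when WinRM over HTTPS is configured
    )
    $failures = @()
    $output = Invoke-Command -ComputerName $ComputerName -FilePath $FilePath `
        -Credential $Credential -ThrottleLimit $ThrottleLimit -UseSSL:$UseSSL `
        -ErrorAction SilentlyContinue -ErrorVariable failures
    [pscustomobject]@{
        Output = $output      # each item carries a PSComputerName property
        Errors = $failures    # error records for hosts that failed
    }
}

# Usage (constructed values):
# $cred   = Get-StagedCredential -Path "$env:LOCALAPPDATA\report-cred.xml"
# $result = Invoke-ScriptOnHosts -ComputerName 'host1.mydomain.com','host2.mydomain.com' `
#               -FilePath .\report.ps1 -Credential $cred -UseSSL
# $result.Errors | ForEach-Object { Write-Warning $_.ToString() }
```

The staged file is only as protected as the account that created it, so restrict who can sign in as that account on the calling host.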