Asking for Masked Input (Part 2)

by Oct 25, 2022

Never ever use plain-text input for secrets and passwords – the text entered by the user may be logged and compromised. Always use a masked input. Here is a simple approach for parameters:

param
(
    [Parameter(Mandatory)]
    [SecureString]
    # asking secret using masked input box
    $secret
)

# internally, get back plain text
$data = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($secret)
$plain =[Runtime.InteropServices.Marshal]::PtrToStringAuto($data)

Write-Host "You secret: $plain" -ForegroundColor Yellow

Simply by using the data type [SecureString] for your parameter and making it mandatory will add a masked input box.

 


Twitter This Tip! ReTweet this Tip!