Secure string content cannot be easily viewed:
$password = Read-Host -Prompt 'Your password' -AsSecureString
PS C:\> $password System.Security.SecureString
However, if you are the one who asked for the secure string in the first place, you can easily convert it back into plain text with this clever trick:
$txt = [PSCredential]::new("X", $Password).GetNetworkCredential().Password $txt
Essentially, the SecureString is used to create a PSCredential object, and a PSCredential object contains the method GetNetworkCredential() which automatically converts the encrypted password into clear text.
This way, you could use the masked input box provided by Read-Host –AsSecureString to ask for sensitive information even if you need this information as plain text string:
function Read-HostSecret([Parameter(Mandatory)]$Prompt) { $password = Read-Host -Prompt $Prompt -AsSecureString [PSCredential]::new("X", $Password).GetNetworkCredential().Password }
PS C:\> Read-HostSecret -Prompt 'Your secret second first name' Your secret second first name: ******** Valentin PS C:\>
