Encoded Passwords

by Apr 9, 2015

If you must put a credential object in your script, here is a way how you can convert a secure string into encrypted text:

$password = Read-Host -Prompt 'Enter Password' -AsSecureString
$encrypted = $password | ConvertFrom-SecureString
$encrypted | clip.exe

When you run this, you are prompted to enter a password. Next, the password is turned into a series of characters and placed into your clipboard. The encryption key is your identity plus your machine identity, so you can only decrypt the password if you are the same user on the same machine.

Next, to turn your encrypted password into a credential object, run this:

$secret = '01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d4a6c6bfcbbb75418de6e9672d85e73600...996f8365c8c82ea61f94927d3e3b14000000c6aecec683717376f0fb18519f326f6ac9cd89dc'
$username = 'test\user'

$password = $secret | ConvertTo-SecureString

$credential = New-Object -TypeName System.Management.Automation.PSCredential($username, $password)

# example call
Start-Process notepad -Credential $credential -WorkingDirectory c:\

Place the encrypted password string into the script, and adjust the user name you want to use for authentication.

Now, the credential object found in $cred can be used in any cmdlet or function that supports the -Credential parameter.

Twitter This Tip! ReTweet this Tip!