Asking for Masked Input (Part 1)

by Oct 21, 2022

Never ever use plain-text input for secrets and passwords – the text entered by the user may be logged and compromised. Always use a masked input. Here is a simple approach for user prompts:

# asking secret using masked input box
$secret = Read-Host "Enter secret" -AsSecureString

# internally, get back plain text
$data = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($secret)
$plain =[Runtime.InteropServices.Marshal]::PtrToStringAuto($data)

Write-Host "You secret: $plain" -ForegroundColor Yellow

Twitter This Tip! ReTweet this Tip!