Skip to content

Commit

Permalink
Updated to avoid clear text password in logs
Browse files Browse the repository at this point in the history
  • Loading branch information
@mikefrobbins @michaeltlombardi
mikefrobbins authored and michaeltlombardi committed May 15, 2024
1 parent d53bb6c commit 13611a8
Show file tree
Hide file tree
Showing 4 changed files with 40 additions and 44 deletions.
21 changes: 10 additions & 11 deletions reference/5.1/Microsoft.PowerShell.Security/Get-Credential.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
external help file: Microsoft.PowerShell.Security.dll-Help.xml
Locale: en-US
Module Name: Microsoft.PowerShell.Security
ms.date: 12/12/2022
ms.date: 05/15/2024
online version: https://learn.microsoft.com/powershell/module/microsoft.powershell.security/get-credential?view=powershell-5.1&WT.mc_id=ps-gethelp
schema: 2.0.0
title: Get-Credential
Expand Down Expand Up @@ -109,25 +109,24 @@ might not work in all host programs.

### Example 5

This example shows how to create a credential object that is identical to the object that
`Get-Credential` returns without prompting the user. This method requires a plain text password,
which might violate the security standards in some enterprises.
This example demonstrates how to create a credential object identical to the one returned by
`Get-Credential`.

```powershell
$User = "Domain01\User01"
$PWord = ConvertTo-SecureString -String "P@sSwOrd" -AsPlainText -Force
$PWord = Read-Host -Prompt 'Enter a Password' -AsSecureString
$Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $User, $PWord
```

The first command saves the user account name in the `$User` parameter. The value must have the
"Domain\User" or "ComputerName\User" format.
The first command assigns the username to the `$User` variable. Ensure the value follows
the "Domain\User" or "ComputerName\User" format.

The second command uses the `ConvertTo-SecureString` cmdlet to create a secure string from a plain
text password. The command uses the **AsPlainText** parameter to indicate that the string is plain
text and the **Force** parameter to confirm that you understand the risks of using plain text.
The second command uses the `Read-Host` cmdlet to create a secure string from user input. The
**Prompt** parameter requests user input, and the **AsSecureString** parameter masks the input and
converts it to a secure string.

The third command uses the `New-Object` cmdlet to create a **PSCredential** object from the values
in the `$User` and `$PWord` variables.
stored in the `$User` and `$PWord` variables.

### Example 6

Expand Down
21 changes: 10 additions & 11 deletions reference/7.2/Microsoft.PowerShell.Security/Get-Credential.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
external help file: Microsoft.PowerShell.Security.dll-Help.xml
Locale: en-US
Module Name: Microsoft.PowerShell.Security
ms.date: 02/26/2024
ms.date: 05/15/2024
online version: https://learn.microsoft.com/powershell/module/microsoft.powershell.security/get-credential?view=powershell-7.2&WT.mc_id=ps-gethelp
schema: 2.0.0
title: Get-Credential
Expand Down Expand Up @@ -89,25 +89,24 @@ documentation in the SDK.

### Example 4

This example shows how to create a credential object that is identical to the object that
`Get-Credential` returns without prompting the user. This method requires a plain text password,
which might violate the security standards in some enterprises.
This example demonstrates how to create a credential object identical to the one returned by
`Get-Credential`.

```powershell
$User = "Domain01\User01"
$PWord = ConvertTo-SecureString -String "P@sSwOrd" -AsPlainText -Force
$PWord = Read-Host -Prompt 'Enter a Password' -AsSecureString
$Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $User, $PWord
```

The first command saves the user account name in the `$User` parameter. The value must have the
"Domain\User" or "ComputerName\User" format.
The first command assigns the username to the `$User` variable. Ensure the value follows
the "Domain\User" or "ComputerName\User" format.

The second command uses the `ConvertTo-SecureString` cmdlet to create a secure string from a plain
text password. The command uses the **AsPlainText** parameter to indicate that the string is plain
text and the **Force** parameter to confirm that you understand the risks of using plain text.
The second command uses the `Read-Host` cmdlet to create a secure string from user input. The
**Prompt** parameter requests user input, and the **AsSecureString** parameter masks the input and
converts it to a secure string.

The third command uses the `New-Object` cmdlet to create a **PSCredential** object from the values
in the `$User` and `$PWord` variables.
stored in the `$User` and `$PWord` variables.

### Example 5

Expand Down
21 changes: 10 additions & 11 deletions reference/7.4/Microsoft.PowerShell.Security/Get-Credential.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
external help file: Microsoft.PowerShell.Security.dll-Help.xml
Locale: en-US
Module Name: Microsoft.PowerShell.Security
ms.date: 02/26/2024
ms.date: 05/15/2024
online version: https://learn.microsoft.com/powershell/module/microsoft.powershell.security/get-credential?view=powershell-7.4&WT.mc_id=ps-gethelp
schema: 2.0.0
title: Get-Credential
Expand Down Expand Up @@ -89,25 +89,24 @@ documentation in the SDK.

### Example 4

This example shows how to create a credential object that is identical to the object that
`Get-Credential` returns without prompting the user. This method requires a plain text password,
which might violate the security standards in some enterprises.
This example demonstrates how to create a credential object identical to the one returned by
`Get-Credential`.

```powershell
$User = "Domain01\User01"
$PWord = ConvertTo-SecureString -String "P@sSwOrd" -AsPlainText -Force
$PWord = Read-Host -Prompt 'Enter a Password' -AsSecureString
$Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $User, $PWord
```

The first command saves the user account name in the `$User` parameter. The value must have the
"Domain\User" or "ComputerName\User" format.
The first command assigns the username to the `$User` variable. Ensure the value follows
the "Domain\User" or "ComputerName\User" format.

The second command uses the `ConvertTo-SecureString` cmdlet to create a secure string from a plain
text password. The command uses the **AsPlainText** parameter to indicate that the string is plain
text and the **Force** parameter to confirm that you understand the risks of using plain text.
The second command uses the `Read-Host` cmdlet to create a secure string from user input. The
**Prompt** parameter requests user input, and the **AsSecureString** parameter masks the input and
converts it to a secure string.

The third command uses the `New-Object` cmdlet to create a **PSCredential** object from the values
in the `$User` and `$PWord` variables.
stored in the `$User` and `$PWord` variables.

### Example 5

Expand Down
21 changes: 10 additions & 11 deletions reference/7.5/Microsoft.PowerShell.Security/Get-Credential.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
external help file: Microsoft.PowerShell.Security.dll-Help.xml
Locale: en-US
Module Name: Microsoft.PowerShell.Security
ms.date: 02/26/2024
ms.date: 05/15/2024
online version: https://learn.microsoft.com/powershell/module/microsoft.powershell.security/get-credential?view=powershell-7.5&WT.mc_id=ps-gethelp
schema: 2.0.0
title: Get-Credential
Expand Down Expand Up @@ -89,25 +89,24 @@ documentation in the SDK.

### Example 4

This example shows how to create a credential object that is identical to the object that
`Get-Credential` returns without prompting the user. This method requires a plain text password,
which might violate the security standards in some enterprises.
This example demonstrates how to create a credential object identical to the one returned by
`Get-Credential`.

```powershell
$User = "Domain01\User01"
$PWord = ConvertTo-SecureString -String "P@sSwOrd" -AsPlainText -Force
$PWord = Read-Host -Prompt 'Enter a Password' -AsSecureString
$Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $User, $PWord
```

The first command saves the user account name in the `$User` parameter. The value must have the
"Domain\User" or "ComputerName\User" format.
The first command assigns the username to the `$User` variable. Ensure the value follows
the "Domain\User" or "ComputerName\User" format.

The second command uses the `ConvertTo-SecureString` cmdlet to create a secure string from a plain
text password. The command uses the **AsPlainText** parameter to indicate that the string is plain
text and the **Force** parameter to confirm that you understand the risks of using plain text.
The second command uses the `Read-Host` cmdlet to create a secure string from user input. The
**Prompt** parameter requests user input, and the **AsSecureString** parameter masks the input and
converts it to a secure string.

The third command uses the `New-Object` cmdlet to create a **PSCredential** object from the values
in the `$User` and `$PWord` variables.
stored in the `$User` and `$PWord` variables.

### Example 5

Expand Down

0 comments on commit 13611a8

Please sign in to comment.