Skip to content

Commit

Permalink
Updated to avoid clear text password in logs
Browse files Browse the repository at this point in the history
  • Loading branch information
@mikefrobbins
mikefrobbins committed May 15, 2024
1 parent d53bb6c commit 73cfc13
Show file tree
Hide file tree
Showing 4 changed files with 36 additions and 40 deletions.
19 changes: 9 additions & 10 deletions reference/5.1/Microsoft.PowerShell.Security/Get-Credential.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -109,25 +109,24 @@ might not work in all host programs.

### Example 5

This example shows how to create a credential object that is identical to the object that
`Get-Credential` returns without prompting the user. This method requires a plain text password,
which might violate the security standards in some enterprises.
This example demonstrates how to create a credential object identical to the one returned by
`Get-Credential`.

```powershell
$User = "Domain01\User01"
$PWord = ConvertTo-SecureString -String "P@sSwOrd" -AsPlainText -Force
$PWord = Read-Host -Prompt 'Enter a Password' -AsSecureString
$Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $User, $PWord
```

The first command saves the user account name in the `$User` parameter. The value must have the
"Domain\User" or "ComputerName\User" format.
The first command assigns the user account name to the `$User` variable. Ensure the value follows
the "Domain\User" or "ComputerName\User" format.

The second command uses the `ConvertTo-SecureString` cmdlet to create a secure string from a plain
text password. The command uses the **AsPlainText** parameter to indicate that the string is plain
text and the **Force** parameter to confirm that you understand the risks of using plain text.
The second command uses the `Read-Host` cmdlet to create a secure string from user input. The
**Prompt** parameter requests user input, and the **AsSecureString** parameter masks the input and
converts it to a secure string.

The third command uses the `New-Object` cmdlet to create a **PSCredential** object from the values
in the `$User` and `$PWord` variables.
stored in the `$User` and `$PWord` variables.

### Example 6

Expand Down
19 changes: 9 additions & 10 deletions reference/7.2/Microsoft.PowerShell.Security/Get-Credential.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -89,25 +89,24 @@ documentation in the SDK.

### Example 4

This example shows how to create a credential object that is identical to the object that
`Get-Credential` returns without prompting the user. This method requires a plain text password,
which might violate the security standards in some enterprises.
This example demonstrates how to create a credential object identical to the one returned by
`Get-Credential`.

```powershell
$User = "Domain01\User01"
$PWord = ConvertTo-SecureString -String "P@sSwOrd" -AsPlainText -Force
$PWord = Read-Host -Prompt 'Enter a Password' -AsSecureString
$Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $User, $PWord
```

The first command saves the user account name in the `$User` parameter. The value must have the
"Domain\User" or "ComputerName\User" format.
The first command assigns the user account name to the `$User` variable. Ensure the value follows
the "Domain\User" or "ComputerName\User" format.

The second command uses the `ConvertTo-SecureString` cmdlet to create a secure string from a plain
text password. The command uses the **AsPlainText** parameter to indicate that the string is plain
text and the **Force** parameter to confirm that you understand the risks of using plain text.
The second command uses the `Read-Host` cmdlet to create a secure string from user input. The
**Prompt** parameter requests user input, and the **AsSecureString** parameter masks the input and
converts it to a secure string.

The third command uses the `New-Object` cmdlet to create a **PSCredential** object from the values
in the `$User` and `$PWord` variables.
stored in the `$User` and `$PWord` variables.

### Example 5

Expand Down
19 changes: 9 additions & 10 deletions reference/7.4/Microsoft.PowerShell.Security/Get-Credential.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -89,25 +89,24 @@ documentation in the SDK.

### Example 4

This example shows how to create a credential object that is identical to the object that
`Get-Credential` returns without prompting the user. This method requires a plain text password,
which might violate the security standards in some enterprises.
This example demonstrates how to create a credential object identical to the one returned by
`Get-Credential`.

```powershell
$User = "Domain01\User01"
$PWord = ConvertTo-SecureString -String "P@sSwOrd" -AsPlainText -Force
$PWord = Read-Host -Prompt 'Enter a Password' -AsSecureString
$Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $User, $PWord
```

The first command saves the user account name in the `$User` parameter. The value must have the
"Domain\User" or "ComputerName\User" format.
The first command assigns the user account name to the `$User` variable. Ensure the value follows
the "Domain\User" or "ComputerName\User" format.

The second command uses the `ConvertTo-SecureString` cmdlet to create a secure string from a plain
text password. The command uses the **AsPlainText** parameter to indicate that the string is plain
text and the **Force** parameter to confirm that you understand the risks of using plain text.
The second command uses the `Read-Host` cmdlet to create a secure string from user input. The
**Prompt** parameter requests user input, and the **AsSecureString** parameter masks the input and
converts it to a secure string.

The third command uses the `New-Object` cmdlet to create a **PSCredential** object from the values
in the `$User` and `$PWord` variables.
stored in the `$User` and `$PWord` variables.

### Example 5

Expand Down
19 changes: 9 additions & 10 deletions reference/7.5/Microsoft.PowerShell.Security/Get-Credential.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -89,25 +89,24 @@ documentation in the SDK.

### Example 4

This example shows how to create a credential object that is identical to the object that
`Get-Credential` returns without prompting the user. This method requires a plain text password,
which might violate the security standards in some enterprises.
This example demonstrates how to create a credential object identical to the one returned by
`Get-Credential`.

```powershell
$User = "Domain01\User01"
$PWord = ConvertTo-SecureString -String "P@sSwOrd" -AsPlainText -Force
$PWord = Read-Host -Prompt 'Enter a Password' -AsSecureString
$Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $User, $PWord
```

The first command saves the user account name in the `$User` parameter. The value must have the
"Domain\User" or "ComputerName\User" format.
The first command assigns the user account name to the `$User` variable. Ensure the value follows
the "Domain\User" or "ComputerName\User" format.

The second command uses the `ConvertTo-SecureString` cmdlet to create a secure string from a plain
text password. The command uses the **AsPlainText** parameter to indicate that the string is plain
text and the **Force** parameter to confirm that you understand the risks of using plain text.
The second command uses the `Read-Host` cmdlet to create a secure string from user input. The
**Prompt** parameter requests user input, and the **AsSecureString** parameter masks the input and
converts it to a secure string.

The third command uses the `New-Object` cmdlet to create a **PSCredential** object from the values
in the `$User` and `$PWord` variables.
stored in the `$User` and `$PWord` variables.

### Example 5

Expand Down

0 comments on commit 73cfc13

Please sign in to comment.