ConvertTo-SecureString - Powershell 1.0 CmdLet
Microsoft Windows PowerShell is a command-line shell and scripting tool based on the Microsoft .NET Framework. It is designed for system administrators, engineers and developers to control and automate the administration of Windows and applications.
More than hundred command-line tools (so called "cmdlets") can be used to perform system administration tasks and Windows Management Instrumentation (WMI). These cmdlets are easy to use, with standard naming conventions and common parameters, and standard tools for piping, sorting, filtering, and formatting data and objects.
ConvertTo-SecureString
Description
Convert an encrypted standard string into a secure string
Usage
Options
-String
The string to convert to a secure string
-secureKey
The encryption key as a secure string,
this is converted to a byte array before being used as the key.
Valid key lengths are 16, 24, and 32 bytes
-key Byte
The encryption key as a byte array.
Valid key lengths are 16, 24, and 32 bytes
-asPlainText
A plain text string to convert to a secure string.
The text is not encrypted so the input is not protected/confidential
To use this option, you must also specify -Force
-force
Set this to confirm that you understand the security risks of using PlainText
CommonParameters
The common parameters: -Verbose, -Debug,-ErrorAction, -ErrorVariable, -OutVariable
Example(s)
Create a secure string from plain text:
PS C:\>$my_secure_password_string = convertto-securestring "P@ssW0rD!" -asplaintext -force
Creates a secure string using the Read-Host cmdlet:
PS C:\>$my_secure_password_string = read-host -assecurestring
Save an encrypted string to disc:
PS C:\>$my_encrypted_string = convertfrom-securestring $my_secure_password_string -key (1..16)
PS C:\>$my_encrypted_string > password.txt
Read an encrypted string from disc and convert back to a secure string:
PS C:\>$my_secure_password_string = convertto-securestring (get-content password.txt) -key (1..16)