≡ Menu

Convert System.Security.SecureString to plain text using PowerShell

This post will help in converting System.Security.SecureString created from Read-Host cmdlet to plain text using PowerShell. We generally read passwords using -AsSecureString parameter of Read-Host. Once the password is read, if you want to see what is the password entered by the user, you cannot really see it by printing the variable into which you read the input. If you try that, you will see a screen similar to below.


Converting this System.Security.SecureString is made easy with below few lines of code. If you have a application that accepts only plain text passwords then you will find this very useful for conversion purpose.

Using below code first we are reading the password into $SecureString variable and converting it to Plain text using DotNet class.

$SecureString = Read-Host "Enter a password for user account" -AsSecureString            
$BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($SecureString)            
$PlainPassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)            
Write-Host "Entered password is $PlainPassword"

Below is a sample output that shows the conversion of secure string to plain text.


Hope this post is helpful.



{ 7 comments… add one }

Leave a Comment