≡ Menu

Convert System.Security.SecureString to plain text using PowerShell

This post will help in converting System.Security.SecureString created from Read-Host cmdlet to plain text using PowerShell. We generally read passwords using -AsSecureString parameter of Read-Host. Once the password is read, if you want to see what is the password entered by the user, you cannot really see it by printing the variable into which you read the input. If you try that, you will see a screen similar to below.

SecureString

Converting this System.Security.SecureString is made easy with below few lines of code. If you have a application that accepts only plain text passwords then you will find this very useful for conversion purpose.

Using below code first we are reading the password into $SecureString variable and converting it to Plain text using DotNet class.

$SecureString = Read-Host "Enter a password for user account" -AsSecureString            
$BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($SecureString)            
$PlainPassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)            
Write-Host "Entered password is $PlainPassword"

Below is a sample output that shows the conversion of secure string to plain text.

SecureStringResolved

Hope this post is helpful.

 

 

Comments on this entry are closed.

  • Konrad Tjaden July 13, 2017, 5:05 pm

    Yes indeed it was helpful, thank you.

  • Ram Dass May 26, 2018, 3:19 am

    Yes, it was very help full. thank you!

  • sdfgsd January 21, 2019, 7:13 am

    muchas gracias.

  • Kristian July 20, 2020, 9:57 pm

    Big thank you! I just could solve an exercise with these four lines 🙂

  • Jeremy Bradshaw September 4, 2020, 8:55 pm

    Thanks for this. I’ve used it over the last little while a few times, and now I created a slick Gist on GitHub, a function and alias to make it easy to have this capability in your PowerShell profile (or other places for convenience).

    https://gist.github.com/JeremyTBradshaw/10c67244cf380a66b6ca0e59139cd11d