I discuss it in this blog post: http://theessentialexchange.com/blogs/michael/archive/2012/01/17/sending-an-email-to-users-whose-password-is-about-to-expire-a-powershell-rewrite.aspx
-----Original Message----- From: Steve Kradel [mailto:[email protected]] Sent: Friday, April 06, 2012 5:27 PM To: NT System Admin Issues Subject: Re: Powershell SecureString parameters Feed in the characters to SecureString one at a time (string is an IEnumerable of char)... the design reason for this is that the entire string should not exist in managed memory at any point, or else there will be non-secure copies floating around. In practice, it is very difficult *not* to have the string in cleartext unless you're prompting the user for char-level interactive input, while being careful not to call any methods that would read that input as a string. I think MBS had a blog post about this specific to Powershell not too long ago. --Steve 2012/4/6 Joseph L. Casale <[email protected]>: > When you define a parameter as a secure string it becomes available > like any cmdlet to specify during invocation not just after. > > In the scenarios like testing where security is not a concern, how do > you craft the parameter such that it can take plaint text input and > encrypt like `ConvertTo-SecureString "some_pass" -AsPlainText -Force` > > Thanks! > jlc > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
