FieldNote: Secure password in file?


Sometimes you must store a password for an account in a PowerShell script file. One option is to leverage the ConvertTo-SecureString cmdlet. By running this cmdlet on a machine, with a specific password, a secure string is generated. You put that value into your file, and then you can run a ConvertFrom-SecureSting to run the script securely.

However, I ran into another option someone used. The engineer saved a password in the file and it appeared as ‘********’. How did the engineer hide the password? They didn’t! The password was ********. ‘Security by Obscurity’? I guess. Nevertheless, the average person looking at this file may assume that the password was encrypted and therefore, not able to be deciphered.

So there you go, a password value that looks secure. Another note from the field. You can’t make this stuff up!

Comments (2)

  1. LOL – That’s hilarious!

    1. Mike_O'Neill says:

      I know! You can’t make this stuff up. Every time I mention this to others, we all get a really good laugh out of it.

Skip to main content