ConvertTo-SecureString

Convert an encrypted standard string into a secure string, can also convert plain text into a secure string.

Syntax
      ConvertTo-SecureString [-String] String 
         [[-secureKey] SecureString]
            [CommonParameters]
    
      ConvertTo-SecureString [-String] String 
         [-key Byte[]]
            [CommonParameters]

      ConvertTo-SecureString [-String] String 
         [[-asPlainText] [-force]]
            [CommonParameters]

key
   -String 
        The string to convert to a secure string
        
   -secureKey 
        The encryption key as a secure string,
        this is converted to a byte array before being used as the key.
        Valid key lengths are 16, 24, and 32 bytes
        
   -key Byte
        The encryption key as a byte array.
        Valid key lengths are 16, 24, and 32 bytes

   -asPlainText 
        A plain text string to convert to a secure string.
        The text is not encrypted so the input is not protected/confidential
        To use this option, you must also specify -Force
        
    -force 
        Set this to confirm that you understand the security risks of using PlainText

   CommonParameters
        The common parameters: -Verbose, -Debug,-ErrorAction, -ErrorVariable, -OutVariable

If the standard string being converted was encrypted with ConvertFrom-SecureString using a specified key, that same key must be provided as the value of the Key or SecureKey parameter of the ConvertTo-SecureString cmdlet.

To store the data in a file for later use, the secure string can be converted back to an encrypted, standard string using ConvertFrom-SecureString

Examples

Create a secure string from plain text:

PS C:\>$my_secure_password_string = convertto-securestring "P@ssW0rD!" -asplaintext -force

Creates a secure string using the Read-Host cmdlet:

PS C:\>$my_secure_password_string = read-host -assecurestring

Save an encrypted string to disc:

PS C:\>$my_encrypted_string = convertfrom-securestring $my_secure_password_string -key (1..16)
PS C:\>$my_encrypted_string > password.txt

Read an encrypted string from disc and convert back to a secure string:

PS C:\>$my_secure_password_string = convertto-securestring (get-content password.txt) -key (1..16)

"The great strength of the totalitarian state is that it forces those who fear it to imitate it" - Adolf Hitler

Related Powershell Commands:

ConvertFrom-SecureString
Read-Host


Back to the Top

© Copyright SS64.com 1999-2010
Some rights reserved