ConvertTo-SecureString

Convert an encrypted standard string into a secure string, can also convert plain text into a secure string.

Syntax
      ConvertTo-SecureString [-String] String 
         [[-secureKey] SecureString]
            [CommonParameters]
    
      ConvertTo-SecureString [-String] String 
         [-key Byte[]]
            [CommonParameters]

      ConvertTo-SecureString [-String] String 
         [[-asPlainText] [-force]]
            [CommonParameters]

key
   -String SecureString
       The string to convert to a secure string
        
   -secureKey SecureString
       The encryption key as a secure string,
       this is converted to a byte array before being used as the key.
       Valid key lengths are 16, 24, and 32 bytes
        
   -key Byte
       The encryption key as a byte array.
       Valid key lengths are 16, 24, and 32 bytes

   -asPlainText 
       A plain text string to convert to a secure string.
       The text is not encrypted so the input is not protected/confidential
       To use this option, you must also specify -Force
        
    -force 
       Set this to confirm that you understand the security risks of using PlainText

   CommonParameters:
       -Verbose, -Debug, -ErrorAction, -ErrorVariable, -WarningAction, -WarningVariable,
       -OutBuffer -OutVariable.

If the standard string being converted was encrypted with ConvertFrom-SecureString using a specified key, that same key must be provided as the value of the Key or SecureKey parameter of the ConvertTo-SecureString cmdlet.

To store the data in a file for later use, the secure string can be converted back to an encrypted, standard string using ConvertFrom-SecureString

Examples

Create a secure string from plain text:

PS C:\>$my_secure_password_string = convertto-securestring "P@ssW0rD!" -asplaintext -force

Creates a secure string using the Read-Host cmdlet:

PS C:\>$my_secure_password_string = read-host -assecurestring

Save an encrypted string to disc:

PS C:\>$my_encrypted_string = convertfrom-securestring $my_secure_password_string -key (1..16)
PS C:\>$my_encrypted_string > password.txt

Read an encrypted string from disc and convert back to a secure string:

PS C:\>$my_secure_password_string = convertto-securestring (get-content password.txt) -key (1..16)

“The great strength of the totalitarian state is that it forces those who fear it to imitate it” - Adolf Hitler

Related:

ConvertFrom-SecureString
Read-Host
CIPER - Encrypt or Decrypt files and folders


© Copyright SS64.com 1999-2013
Some rights reserved