Convert a secure string into an encrypted standard string.

      ConvertFrom-SecureString [-secureString] SecureString 
         [[-secureKey] SecureString]
      ConvertFrom-SecureString [-secureString] SecureString 
         [-key Byte[]]

   -secureString SecureString
       The secure string to convert to an encrypted standard string.
   -secureKey SecureString
       The encryption key as a secure string,
       this is converted to a byte array before being used as the key.

   -key Byte
       The encryption key as a byte array.
       Valid key lengths are 16, 24, and 32 bytes.

You can provide a -key either using a fixed array (of 16, 24, or 32 bytes), or with a random number generator.


Create a secure string by typing at the command prompt:

PS C:\> $secure = read-host -asSecureString

Convert a secure string stored in a variable to an encrypted standard string. The resulting encrypted standard string can be displayed by typing $encrypted:

PS C:\> $encrypted = Convertfrom-SecureString $secure

Convert a secure string using the Rijndael algorithm, the key is an array of 24 digits, all of which are less than 256, (24 * 8 bit bytes = 192 bits)

PS C:\> $key = (3,42,2,3,100,34,254,222,1,1,2,23,42,54,33,233,1,64,2,7,6,5,35,43)
PS C:\> $encrypted_standard_string = convertfrom-securestring $securestring -key $key

Prompt for credentials and store them in the users registry:

$cred = Get-Credential 
New-Item -Path HKCU:\Software\SS64
New-ItemProperty -Path HKCU:\Software\SS64 -Name UserName -Value ($cred.UserName)
New-ItemProperty -Path HKCU:\Software\SS64 -Name Password -Value ($cred.Password | ConvertFrom-SecureString)

“The one permanent emotion of the inferior man is fear of the unknown, the complex, the inexplicable. What he wants beyond everything else is safety” ~ H. L. Mencken

Related PowerShell Cmdlets

Get-Credential - Get a security credential (username/password)
Read-Host - Read a line of input from the host console.

Copyright © 1999-2024
Some rights reserved