You can encrypt passwords for your account only using DPAPI. You need the function on this site.
Import the module. On some hardened systems using:
1 | Import-Module '.\Modulename.psm1' -Force |
Next encrypt the password using the following command:
1 2 3 4 5 6 7 8 | $secureString = Read-Host -AsSecureString "Enter a secret password."# You can pass basically anything as the Entropy value, but I'd recommend sticking to simple value types (including strings),# or arrays of those types, to make sure that the binary serialization of your entropy object doesn't change between# script executions. Here, we'll use Pi. Edit: The latest version of the code enforces the use of the recommended simple# types, unless you also use the -Force switch.$secureString | ConvertFrom-SecureString -Entropy ([Math]::PI) | Out-File .\storedPassword.txt |
You can use it by decrypting the password as a secure string using the following code:
1 | $newSecureString = Get-Content -Path .\storedPassword.txt | ConvertTo-SecureString -Entropy ([Math]::PI) |
You can decrypt the password as plain text using the following code:
1 2 | $newSecureString = Get-Content -Path .\storedPassword.txt | ConvertTo-SecureString -Entropy ([Math]::PI)$newSecureString | ConvertFrom-SecureString -AsPlainText -Force |