Passing sensitive strings through Powershell functions best practices

Hello, I’m wondering what best practices are for passing sensitive strings through Powershell functions. Is this something that should be done? For example, I wrote the following module.

https://pastebin.com/R1Lq6H8h

It takes credentials passed through it, converts them to secure string, then later saves it as an XML. The Import-Credential is essentialy almost just an alias for Import-Clixml. Is this fine to do or is this not an accepted practice?

Also, I’m unable to pass the following line through terminal:

Convert-Credential -Username Test -Password Test -Destination Test

I have to do: Convert-Credential -Username "Test" -Password "Test" "Test Destination"

Would anyone know why this is? Thank you!

submitted by /u/deep40000
[link] [comments]

Leave a Reply