Convert a Secure String to Plain Text in PowerShell

  1. Use the Marshal Class to Convert a Secure String to Plain Text in PowerShell
  2. Use the ConvertFrom-SecureString Cmdlet to Convert a Secure String to Plain Text in PowerShell
  3. Use the NetworkCredential Class to Convert a Secure String to Plain Text in PowerShell

The text in a secure string is encrypted in memory in PowerShell. It uses reversible encrypting, so you can convert it back to plain text strings when needed.

The ConvertTo-SecureString cmdlet converts plain text or encrypted strings to secure strings. This tutorial will teach you to convert a secure string to plain text in PowerShell.

Use the Marshal Class to Convert a Secure String to Plain Text in PowerShell

The following command converts the plain text string P0w3rsh311 into a secure string and stores it in a variable $securePassword.

$securePassword = ConvertTo-SecureString "P0w3rsh311" -AsPlainText -Force

The following example uses the .NET Framework’s Marshal class to convert the secure string to plain text.

[System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($securePassword))

Output:

P0w3rsh311

Use the ConvertFrom-SecureString Cmdlet to Convert a Secure String to Plain Text in PowerShell

The ConvertFrom-SecureString cmdlet converts the secure string to an encrypted standard string. From PowerShell 7.0, a new parameter -AsPlainText was added, which converts a secure string to a plain text string.

The following example requires PowerShell version 7.0 or later.

ConvertFrom-SecureString -SecureString $securePassword -AsPlainText

Output:

P0w3rsh311

Use the NetworkCredential Class to Convert a Secure String to Plain Text in PowerShell

You can also use the NetworkCredential class to convert a secure string to plain text in PowerShell.

The following command asks the user to enter the password and store it as a secure string in a variable $securePassword.

$securePassword = Read-Host "Enter password: " -AsSecureString

Output:

Enter password: **********

The following example converts a secure string to a plain text string as output.

[System.Net.NetworkCredential]::new("", $securePassword).Password

Output:

P0w3rsh311

We hope this article helped you understand different methods to convert a secure string to plain text in PowerShell.

Write for us
DelftStack articles are written by software geeks like you. If you also would like to contribute to DelftStack by writing paid articles, you can check the write for us page.

Related Article - PowerShell String

  • Selecting Multiple Patterns in a String Using PowerShell
  • Remove Spaces From a Variable Using PowerShell
  • Check if a String Is Not NULL or EMPTY