Convert a Secure String to Plain Text in PowerShell

Rohan Timalsina Apr 30, 2022
  1. Use the Marshal Class to Convert a Secure String to Plain Text in PowerShell
  2. Use the ConvertFrom-SecureString Cmdlet to Convert a Secure String to Plain Text in PowerShell
  3. Use the NetworkCredential Class to Convert a Secure String to Plain Text in PowerShell
Convert a Secure String to Plain Text in PowerShell

The text in a secure string is encrypted in memory in PowerShell. It uses reversible encrypting, so you can convert it back to plain text strings when needed.

The ConvertTo-SecureString cmdlet converts plain text or encrypted strings to secure strings. This tutorial will teach you to convert a secure string to plain text in PowerShell.

Use the Marshal Class to Convert a Secure String to Plain Text in PowerShell

The following command converts the plain text string P0w3rsh311 into a secure string and stores it in a variable $securePassword.

$securePassword = ConvertTo-SecureString "P0w3rsh311" -AsPlainText -Force

The following example uses the .NET Framework’s Marshal class to convert the secure string to plain text.

[System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($securePassword))

Output:

P0w3rsh311

Use the ConvertFrom-SecureString Cmdlet to Convert a Secure String to Plain Text in PowerShell

The ConvertFrom-SecureString cmdlet converts the secure string to an encrypted standard string. From PowerShell 7.0, a new parameter -AsPlainText was added, which converts a secure string to a plain text string.

The following example requires PowerShell version 7.0 or later.

ConvertFrom-SecureString -SecureString $securePassword -AsPlainText

Output:

P0w3rsh311

Use the NetworkCredential Class to Convert a Secure String to Plain Text in PowerShell

You can also use the NetworkCredential class to convert a secure string to plain text in PowerShell.

The following command asks the user to enter the password and store it as a secure string in a variable $securePassword.

$securePassword = Read-Host "Enter password: " -AsSecureString

Output:

Enter password: **********

The following example converts a secure string to a plain text string as output.

[System.Net.NetworkCredential]::new("", $securePassword).Password

Output:

P0w3rsh311

We hope this article helped you understand different methods to convert a secure string to plain text in PowerShell.

Rohan Timalsina avatar Rohan Timalsina avatar

Rohan is a learner, problem solver, and web developer. He loves to write and share his understanding.

LinkedIn Website

Related Article - PowerShell String