Latest commit

70685be · Sep 27, 2024

62 lines (49 loc) · 1013 Bytes

AvoidUsingPlainTextForPassword.md

description: Avoid Using Plain Text For Password Parameter
ms.date: 06/28/2023
ms.topic: reference
title: AvoidUsingPlainTextForPassword

AvoidUsingPlainTextForPassword

Severity Level: Warning

Description

Password parameters that accept plaintext expose passwords and compromise the security of your system. Passwords should be stored in the SecureString type.

The following parameter names are considered password parameters (the match is not case-sensitive):

  • Password
  • Pass
  • Passwords
  • Passphrase
  • Passphrases
  • PasswordParam

If a parameter is defined with a name in the above list, it should be declared with type SecureString.

How

Change the type to SecureString.

Example

Wrong

function Test-Script
{
    [CmdletBinding()]
    Param
    (
        # Flagged: password parameter declared as a plaintext string
        [string]
        $Password
    )
    # ...
}

Correct

function Test-Script
{
    [CmdletBinding()]
    Param
    (
        # Password parameter declared as SecureString
        [SecureString]
        $Password
    )
    # ...
}
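
The check described above can be approximated with PowerShell's own parser. This is an added example, not PSScriptAnalyzer's implementation or code from this page: `Find-PlainTextPasswordParameter` and the sample script are hypothetical, and treating every declared type other than SecureString as a finding is an assumption taken from the description.

```powershell
# Added example: a simplified stand-in for the rule's check (hypothetical helper).
# Names the page lists as password parameters; -notcontains ignores case for strings.
$passwordNames = 'Password', 'Pass', 'Passwords', 'Passphrase', 'Passphrases', 'PasswordParam'

function Find-PlainTextPasswordParameter {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string] $ScriptText
    )

    $tokens = $null
    $errors = $null
    $ast = [System.Management.Automation.Language.Parser]::ParseInput(
        $ScriptText, [ref]$tokens, [ref]$errors)
    if ($errors.Count -gt 0) {
        throw "Script did not parse: $($errors[0].Message)"
    }

    # Collect every parameter declaration, including those in nested functions.
    $isParameter = { param($node) $node -is [System.Management.Automation.Language.ParameterAst] }
    foreach ($p in $ast.FindAll($isParameter, $true)) {
        $name = $p.Name.VariablePath.UserPath
        if ($passwordNames -notcontains $name) { continue }

        # StaticType is [object] when the parameter has no type constraint.
        # Assumption: anything other than SecureString is reported.
        if ($p.StaticType -ne [System.Security.SecureString]) {
            [pscustomobject]@{
                Parameter    = $name
                DeclaredType = $p.StaticType.FullName
                Line         = $p.Extent.StartLineNumber
            }
        }
    }
}

# Constructed sample input: a plaintext declaration, a SecureString one, and a mixed-case name.
$sample = @'
function Connect-Demo {
    param([string] $Password, [SecureString] $Passphrase, [string] $UserName)
}
function Set-Demo {
    param([string] $PASS)
}
'@

Find-PlainTextPasswordParameter -ScriptText $sample | Format-Table -AutoSize
```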