0

I have got the script below, it will change the password for a SQL login. Its a powershell script that accepts a string password and will go in to change the password on the SQL instance.

param(
    [string] $login_to_change,
    [string] $new_password
)

$sql_command "alter login [$login_to_change] with password = '$new_password' "

Invoke-Sqlcmd -ServerInstance $server_instance -Database 'master' -query $sql_command

Is there a way to use securestring within the script file ?. What I am trying to do is avoid a situation where the password can be printed from the script.

When I convert to a securestring, I get the string. 'System.Security.Securestring'

EDIT 1

Its an automated deployment tool that will be calling the script. The reason why i want to encrypt it inside the script for now is that sometimes the automated tool does a print out of commands etc, so if I printed out a command whilst debugging, I dont want it to print out the password in plain text.

The end state will be such that the password string sent to the script will be encrypted. This is just a temporary measure.

user5544
  • 131
  • 2
  • 9
  • 1
    Could you please elaborate on this, it's not quite clear: _Is there a way to use securestring within the script file ?..._ – Santiago Squarzon Jul 02 '21 at 15:59
  • 3
    You can convert it to a securestring and back again all you want, it's not going to make your script "secure". What's the context here? Where are you deploying it? Who's going to invoke it? – Mathias R. Jessen Jul 02 '21 at 16:06
  • Thanks for the comments, I have edited the question to be clearer. – user5544 Jul 02 '21 at 16:56
  • See: [How to encrypt/hide ClearText password in PowerShell Transcript](https://stackoverflow.com/a/62609833/1701026) – iRon Jul 02 '21 at 17:14

0 Answers0