Hi PowerShell folks,

watch this video to learn how to encrypt passwords in Powershell scripts. The code used in this video can be found at the end of this blog post.

Best,

P

Create a certificate

New-SelfSignedCertificate -DnsName test -CertStoreLocation "Cert:\CurrentUser\My" -KeyUsage KeyEncipherment,DataEncipherment,KeyAgreement -Type DocumentEncryptionCert

### Encrypt the password string with the newly created certifcate

"123user!" | Protect-CmsMessage -To cn=test -OutFile C:\Temp\pwd.txt

### How does the file looks like?

Start-Process C:\temp\pwd.txt

### Finally ... How do you know the password can be decrypted?

Unprotect-CmsMessage -Path C:\Temp\pwd.txt

### How to implement that in scripts? Example: Send an e-mail via Microsoft365 ...

$username = 'alert@domain.com'
$password = ConvertTo-SecureString (Unprotect-CmsMessage -Path C:\Temp\pwd.txt) -AsPlainText –Force
$cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $username, $password

Send-MailMessage -Credential $cred `
-From alert@domain.com `
-To patrick.gruenauer@domain.com `
-Body "Test Message with encrypted credentials" `
-Subject "Test-Mail from Alert" `
-SmtpServer 'smtp.office365.com' `
-UseSsl `
-Port 587 `
-BodyAsHtml `
-WarningAction SilentlyContinue