AvoidUsingPlainTextForPassword.md
Pattern: Use of plain text for password

Issue: -

Description

Password parameters that accept plain text expose passwords and compromise the security of your system. Passwords should be stored in the SecureString type.

The following parameter names are considered password parameters (the match is case-insensitive):

  • Password
  • Pass
  • Passwords
  • Passphrase
  • Passphrases
  • PasswordParam

If a parameter is defined with a name in the above list, it should be declared with type SecureString.

How

Change the type to SecureString.

Example of incorrect code:

function Test-Script
{
    [CmdletBinding()]
    Param
    (
        [string]
        $Password
    )
    # ... function body ...
}

Example of correct code:

function Test-Script
{
    [CmdletBinding()]
    Param
    (
        [SecureString]
        $Password
    )
    # ... function body ...
}
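A simplified sketch of the check this pattern describes, added here as an example and not the rule's actual implementation: it parses script text and reports any parameter whose name is in the list above but whose declared type is not SecureString. The function name `Find-PlainTextPasswordParameter` and the sample script are constructed for illustration.

```powershell
function Find-PlainTextPasswordParameter {   # hypothetical helper name
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string] $ScriptText
    )

    # Names the page lists as password parameters; -notcontains compares case-insensitively.
    $passwordNames = 'Password', 'Pass', 'Passwords', 'Passphrase', 'Passphrases', 'PasswordParam'

    # Parse without executing anything; tokens and parse errors are not used here.
    $tokens = $null
    $errors = $null
    $ast = [System.Management.Automation.Language.Parser]::ParseInput(
        $ScriptText, [ref]$tokens, [ref]$errors)

    # Collect every parameter declaration, including those in nested functions.
    $parameters = $ast.FindAll(
        { param($node) $node -is [System.Management.Automation.Language.ParameterAst] },
        $true)

    foreach ($p in $parameters) {
        $name = $p.Name.VariablePath.UserPath
        if ($passwordNames -notcontains $name) { continue }                  # not a password name
        if ($p.StaticType -eq [System.Security.SecureString]) { continue }   # already correct

        [pscustomobject]@{
            Parameter = $name
            Type      = $p.StaticType.Name   # 'Object' when no type is declared
            Line      = $p.Extent.StartLineNumber
        }
    }
}

# Constructed sample input: one plain-text password parameter, one SecureString.
$sample = @'
function Test-Script {
    [CmdletBinding()]
    Param([string] $Password)
}
function Test-Script2 {
    [CmdletBinding()]
    Param([SecureString] $PassPhrase, [string] $UserName)
}
'@

Find-PlainTextPasswordParameter -ScriptText $sample
```

Only `$Password` in `Test-Script` is reported: `$PassPhrase` matches a listed name but is already a SecureString, and `$UserName` is not a listed name.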

Further Reading