• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3177
  • Last Modified:

secure text string in form using powershell

I want to secure the string rather than it come across as plain text. This is what I have so far

 
#Pop up box for username and Password###############################################################
[void] [System.Reflection.Assembly]::LoadWithPartialName("System.Drawing") 
[void] [System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms") 

$objForm = New-Object System.Windows.Forms.Form 
$objForm.Text = "Set Attribute Information for User"
$objForm.Size = New-Object System.Drawing.Size(300,180) 
$objForm.StartPosition = "CenterScreen"

$objForm.KeyPreview = $True
$objForm.Add_KeyDown({if ($_.KeyCode -eq "Enter") 
    {$User=$objTextBox.Text;$objForm.Close()}
	{$pw=$objTextBox2.text;$ObjForm.close()}})
$objForm.Add_KeyDown({if ($_.KeyCode -eq "Escape") 
    {$objForm.Close()}})

$OKButton = New-Object System.Windows.Forms.Button
$OKButton.Location = New-Object System.Drawing.Size(75,125)
$OKButton.Size = New-Object System.Drawing.Size(75,23)
$OKButton.Text = "OK"
$OKButton.Add_Click({$user=$objTextBox.Text;$objForm.Close()})
$objForm.Controls.Add($OKButton)

$CancelButton = New-Object System.Windows.Forms.Button
$CancelButton.Location = New-Object System.Drawing.Size(150,125)
$CancelButton.Size = New-Object System.Drawing.Size(75,23)
$CancelButton.Text = "Cancel"
$CancelButton.Add_Click({$objForm.Close()})
$objForm.Controls.Add($CancelButton)

$objLabel = New-Object System.Windows.Forms.Label
$objLabel.Location = New-Object System.Drawing.Size(10,20) 
$objLabel.Size = New-Object System.Drawing.Size(280,20) 
$objLabel.Text = "Enter Username: (Domain\Username)"
$objForm.Controls.Add($objLabel) 
$objTextBox = New-Object System.Windows.Forms.TextBox 
$objTextBox.Location = New-Object System.Drawing.Size(10,40) 
$objTextBox.Size = New-Object System.Drawing.Size(260,20) 
$objForm.Controls.Add($objTextBox) 
$objLabel2 = New-Object System.Windows.Forms.Label
$objLabel2.Location = New-Object System.Drawing.Size(10,70) 
$objLabel2.Size = New-Object System.Drawing.Size(280,20) 
$objLabel2.Text = "Enter Password"
$objForm.Controls.Add($objLabel2)
$objTextBox2 = New-Object System.Windows.Forms.TextBox 
$objTextBox2.Location = New-Object System.Drawing.Size(10,90) 
$objTextBox2.Size = New-Object System.Drawing.Size(260,20) 
$objForm.Controls.Add($objTextBox2) 

$objForm.Topmost = $True

$objForm.Add_Shown({$objForm.Activate()})
[void] $objForm.ShowDialog()

[void] $user
[void] $pw

Open in new window


Any Ideas?
0
ntr2def
Asked:
ntr2def
  • 8
  • 3
  • 2
3 Solutions
 
Chris DentPowerShell DeveloperCommented:

What are you going to do with $pw?

You can't implicitly return a SecureString from a TextBox, the return types aren't compatible. There are third-party assemblies that can make a TextBox that will return a SecureString, but that's not quite the same or as easy as native support.

An example of an assembly to do that would be this:

http://weblogs.asp.net/pglavich/archive/2006/02/26/securepasswordtextbox-a-textbox-that-uses-the-securestring-class.aspx

Bit tricky because you have to make sure it works with Windows.System.Forms, not System.Web.UI.

If all you need do is convert a plain text string from the TextBox into a SecureString then you can do this after you've read it:

$SecurePW = $pw | ConvertTo-SecureString -AsPlainText -Force

Chris
0
 
ntr2defAuthor Commented:
im using my $pw to store what input the password box, however when i type my password in that box i want it to read ***** rather than "test1"
0
 
ntr2defAuthor Commented:
I figured it out
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
ntr2defAuthor Commented:
Simply adding

$objTextBox2.UseSystemPasswordChar = $True

after :
$objTextBox2 = New-Object System.Windows.Forms.TextBox
$objTextBox2.Location = New-Object System.Drawing.Size(10,90)
$objTextBox2.Size = New-Object System.Drawing.Size(260,20)

Did the job
0
 
ntr2defAuthor Commented:
but maybe you can help me with storing that password and using it in

Connect-QADService -ConnectionAccount $User -ConnectionPassword $pw

it seems not to like the connectionPassword as $pw
0
 
someOne2010Commented:
you mean you need to Encrypt the password or just display the pass input as *

this will display the pass as *
$objTextBox2.PasswordChar = "*"

and this post can help you to Encrypt and Decrypt

http://poshcode.org/116
and if you need any other help let me know
[Reflection.Assembly]::LoadWithPartialName("System.Security")
 
function Encrypt-String($String, $Passphrase, $salt="My Voice is my P455W0RD!", $init="Yet another key", [switch]$arrayOutput)
{
   $r = new-Object System.Security.Cryptography.RijndaelManaged
   $pass = [Text.Encoding]::UTF8.GetBytes($Passphrase)
   $salt = [Text.Encoding]::UTF8.GetBytes($salt)
 
   $r.Key = (new-Object Security.Cryptography.PasswordDeriveBytes $pass, $salt, "SHA1", 5).GetBytes(32) #256/8
   $r.IV = (new-Object Security.Cryptography.SHA1Managed).ComputeHash( [Text.Encoding]::UTF8.GetBytes($init) )[0..15]
   
   $c = $r.CreateEncryptor()
   $ms = new-Object IO.MemoryStream
   $cs = new-Object Security.Cryptography.CryptoStream $ms,$c,"Write"
   $sw = new-Object IO.StreamWriter $cs
   $sw.Write($String)
   $sw.Close()
   $cs.Close()
   $ms.Close()
   $r.Clear()
   [byte[]]$result = $ms.ToArray()
   if($arrayOutput) {
      return $result
   } else {
      return [Convert]::ToBase64String($result)
   }
}
 
function Decrypt-String($Encrypted, $Passphrase, $salt="My Voice is my P455W0RD!", $init="Yet another key")
{
   if($Encrypted -is [string]){
      $Encrypted = [Convert]::FromBase64String($Encrypted)
   }
 
   $r = new-Object System.Security.Cryptography.RijndaelManaged
   $pass = [System.Text.Encoding]::UTF8.GetBytes($Passphrase)
   $salt = [System.Text.Encoding]::UTF8.GetBytes($salt)
 
   $r.Key = (new-Object Security.Cryptography.PasswordDeriveBytes $pass, $salt, "SHA1", 5).GetBytes(32) #256/8
   $r.IV = (new-Object Security.Cryptography.SHA1Managed).ComputeHash( [Text.Encoding]::UTF8.GetBytes($init) )[0..15]
 
   $d = $r.CreateDecryptor()
   $ms = new-Object IO.MemoryStream @(,$Encrypted)
   $cs = new-Object Security.Cryptography.CryptoStream $ms,$d,"Read"
   $sr = new-Object IO.StreamReader $cs
   Write-Output $sr.ReadToEnd()
   $sr.Close()
   $cs.Close()
   $ms.Close()
   $r.Clear()
}

Open in new window

0
 
ntr2defAuthor Commented:
That works as well but my issue comes to this line:

Connect-QADService -ConnectionAccount $User -ConnectionPassword $pw

its not accepting my password, states that the password is empty or null
0
 
someOne2010Commented:
you forget to pass the password from the text box
you should

do at line 54
$pw=$objTextBox2.text
0
 
ntr2defAuthor Commented:
after i input the syntax i get a new error:

Connect-QADService : Cannot bind parameter 'ConnectionPassword'. Cannot convert
 the "" value of type "System.String" to type "System.Security.SecureString".
At
+ Connect-QADService -ConnectionAccount $User -ConnectionPassword <<<<  $pw
    + CategoryInfo          : InvalidArgument: (:) [Connect-QADService], Param
   eterBindingException
    + FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Quest.ActiveRoles
   .ArsPowerShellSnapIn.Cmdlets.ConnectCmdlet
0
 
ntr2defAuthor Commented:
can you look at lines 10-15 could that be the problem?
0
 
someOne2010Commented:
from the error i think you need to convert the password to secure string

you can do that as fallwoing

$secure_string_pwd = convertto-securestring $pw -asplaintext -force
and try to pass the $secure_string_pwd variable instead of  $pw


This command converts the plain text string
into a secure string and stores the result in the $secure_string_pwd variable
i hope this will help
0
 
ntr2defAuthor Commented:
now i get

Connect-QADService : Cannot bind parameter 'ConnectionPassword'. Cannot convert the "Test" value of type "System.String" to type "System.Security.SecureString".
At G:\Scripts\AccountActivity\Scripts\PowershellScripts\SetSingleUserServiceAttribute.ps1:61 char:64
+ Connect-QADService -ConnectionAccount $User -ConnectionPassword <<<<  $pw
    + CategoryInfo          : InvalidArgument: (:) [Connect-QADService], ParameterBindingException
    + FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Quest.ActiveRoles.ArsPowerShellSnapIn.Cmdlets.
   ConnectCmdlet
0
 
Chris DentPowerShell DeveloperCommented:
You should not reuse the variable name in this instance, strong-typing will kill it.

$pw : The thing you read from the text box
$SecurePW : $pw converted into a secure string

Then:

Connect-QADService -ConnectionAccount $User -ConnectionPassword $SecurePW

It's why I used a different variable name in my first example:

$SecurePW = $pw | ConvertTo-SecureString -AsPlainText -Force

Chris
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 8
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now