1

I am trying to configure a randomly generated password into a application that runs in the command prompt. As with most passwords you need to verify the password, ie type it a second time.

How can I automate this? Preference is Powershell, however cmd will work.

Example SetPassword.exe Type password: XXXXX Verify Password: XXXXX

I need to automate the passing of XXXXX into the command prompt window.

Zac
  • 175
  • 1
  • 4
  • 10

1 Answers1

1

A PowerShell solution:

  • Note that the password is obtained as a [securestring] instance, which you can convert to plain text as described below.

    • However, note that plain-text password handling is invariably a security risk.

  • On Unix platforms, even [securestring] instances provide virtually no protection, however, and even on Windows use of this type is no longer recommended - see this answer for background information.

do {
  
  # Obtain the password and its confirmation as [securestring] instances.
  # [securestring] INSTANCES OFFER VERY LITTLE PROTECTION ON UNIX PLATFORMS.
  $pass, $passRetyped =
    foreach ($prompt in 'Enter password', 'Retype to confirm') { 
      Read-Host -AsSecureString $prompt 
    }

  # Convert them to a form that allows them to be compared.
  # THIS OFFERS VIRTUALLY NO PROTECTION ON UNIX PLATFORMS.
  $passComparable, $passRetypedComparable = 
    $pass, $passRetyped | ConvertFrom-SecureString

  # Compare them.
  if ($passComparable -cne $passRetypedComparable) {
    Write-Warning "Re-typed password didn't match the original. Please try again."
  } elseif ($passComparable.Length -eq 0) {
    Write-Warning "Password cannot be empty. Please try again."
  } else {
    # The entries match. 
    # If needed, perform additional validation here.
    # (min. / max. length, permitted characters, complexity requirements.)
    break # OK - exit the loop and continue below.
  }

} while ($true)

# $pass now contains the password of interest as a [securestring] instance.
Write-Verbose -Verbose @'
Password was confirmed:
 * $pass now contains the password as a [securestring] instance.
 * To obtain a *plain-text* representation - which is a security risk - use:
     [System.Net.NetworkCredential]::new('unused', $pass).Password 
'@

# FOR DEMO PURPOSES ONLY: Print the plain-text representation of the password.
'Password entered: ' + [System.Net.NetworkCredential]::new('unused', $pass).Password
mklement0
  • 382,024
  • 64
  • 607
  • 775
  • Hi Mklemento, Sorry I think there is a slight misunderstanding. I am looking to pass automated values into a command line process that is expecting input from a user. Another example would be a command line process that needs me to type in y multiple times also. – Zac May 04 '23 at 02:58
  • I see, @Zac. I hope the linked duplicate helps. – mklement0 May 04 '23 at 04:01