description | ms.custom | ms.date | ms.topic | title |
---|---|---|---|---|
Avoid Using Plain Text For Password Parameter |
PSSA v1.21.0 |
06/28/2023 |
reference |
AvoidUsingPlainTextForPassword |
Severity Level: Warning
Password parameters that take in plaintext will expose passwords and compromise the security of your system. Passwords should be stored in the SecureString type.
The following parameters are considered password parameters (this is not case sensitive):
- Password
- Pass
- Passwords
- Passphrase
- Passphrases
- PasswordParam
If a parameter is defined with a name in the above list, it should be declared with type SecureString.
Change the type to SecureString.
function Test-Script
{
[CmdletBinding()]
Param
(
[string]
$Password
)
...
}
function Test-Script
{
[CmdletBinding()]
Param
(
[SecureString]
$Password
)
...
}