by lunarg on May 26th 2015, at 14:49

By default, it is not possible to specify passwords (the SecureString type) directly as a plain-text cmdlet parameter because it is unsecure to do so (and they are right). But sometimes, there's no other way to run a cmdlet without specifying the password as plain text as a cmdlet parameter. Luckily, there's an easy workaround by performing a conversion from plain text and store the password in a SecureString object.

$pw = ConvertTo-SecureString -String "your-pw" -AsPlainText -Force

You can then use the $pw object to specify the password in a cmdlet.

For example: resetting the password of an AD account:

Set-ADAccountPassword -Identity my-account -NewPassword $pw