How can I safely use Get-Credential to obtain a username and password for a set period of time for use as command line arguments?

Information Security Asked on November 11, 2021

Credentials in the form of SSH keys can be stored in memory using SSH Agent; However, if clicking the wrong link, or running a malicious program they can also be snatched from memory and sent somewhere else; which is why ssh-add offers the -t option to specify how long keys will be kept in memory before one is required to reload them hopefully using a passphrase.

Powershell has simalar functionality using secure strings but we are discouraged from using it, especially when writing credentials to disk; but Powershell offers another option in which you can prompt a user for their username and password, store it in a variable that will last the length of the powershell session:

Is it possible to unload credentials gathered from Get-Credentials from memory after a set period of time, similar to ssh-add?

Add your own answers!

Related Questions

What’s a “safe” URL shortening algorithm?

3  Asked on December 31, 2020 by bensower


Securing internet connection with hostile ISP

1  Asked on December 29, 2020 by user242761


Is Chrome Browser/ Computer compromised by KMSPico?

0  Asked on December 27, 2020 by waterbyte


Web Cache Deception – exploitable without a cache server?

1  Asked on December 26, 2020 by citylight


Determine if private key belongs to certificate?

3  Asked on December 25, 2020 by thanatos


Filtering http responses for subdomain takeover

0  Asked on December 21, 2020 by kirill-z


Sql map Manual Vulnerability Assessment

1  Asked on December 20, 2020 by badddy


Unknown folders in OneDrive

1  Asked on December 19, 2020 by user851


Ask a Question

Get help from others!

© 2023 All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP