In my last article, I demonstrated how to work with a credential object in PowerShell. This is a task that you should be doing often. You should run your daily PowerShell sessions as a non-elevated user. When you need to perform an administrative task that requires elevated credentials, hopefully, you can use a cmdlet that supports alternate credentials.

Today, I want to explore how using credentials might influence your PowerShell scripting.

First, let’s confirm you are following one of the first rules of PowerShell scripting: no plain text passwords or credentials. This should be intuitive, but I have seen code that ignores this rule. You should never write code like this.

Function Set-SecretThing {
    [CmdletBinding()]
    Param(
        [Parameter(Position = 0, Mandatory)]
        [string]$Secret
        )

    Write-Host "Setting secret thing with secret $Secret" -ForegroundColor cyan
    #code goes here
}