How to Validate the Password from your Credential? I was trying to get my account password and set it as a script password. I don't want the cmdlet Get-Credential prompt and I only need the password for the verification. Is that possible?

So far, I have this code from https://learn.microsoft.com/en-us/answers/questions/806868/using-invoke-command-using-credentials-to-run-get.html and just tweaked it a little but obviously it proceeds to the "The Password is Correct" because it Compares the System.Security.SecureString as a string. What should I do?

    $inputPass = Read-Host "Enter Password" -AsSecureString
    $credential = New-Object System.Management.Automation.PSCredential ("$env:DOMAIN\$env:USER", $inputPass)

# If the Password is same with the Password of your PC Account.
    if ($inputPass -match $credential.Password) {
         "The Password is Correct"
     } else {
         "Wrong Password, Type-in your Account Password"
         Break;
     }

Any help would be appreciated, Thank you :)

CodePudding user response：

I'll assume you're looking to validate if the Password inputted via Read-Host is valid for the current user against Active Directory, if so, you can follow the technique demonstrated in the helpful link provided by Daniel in comments with some slight modification since I'll be using WindowsIdentity.GetCurrent Method to get the current user Domain and UserName:

$encrypted = Read-Host "Enter Password" -AsSecureString
$plain     = [Net.NetworkCredential]::new('', $encrypted).Password
if([adsi]::new('', [Security.Principal.WindowsIdentity]::GetCurrent().Name, $plain).PSBase.Name) {
    'password is valid'
}
else {
    'password is invalid'
}