How can I safely use Get-Credential to obtain a username and password for a set period of time for use as command line arguments?

Credentials in the form of SSH keys can be stored in memory using SSH Agent; However, if clicking the wrong link, or running a malicious program they can also be snatched from memory and sent somewhere else; which is why ssh-add offers the -t option to specify how long keys will be kept in memory before one is required to reload them hopefully using a passphrase.

Powershell has simalar functionality using secure strings but we are discouraged from using it, especially when writing credentials to disk; but Powershell offers another option in which you can prompt a user for their username and password, store it in a variable that will last the length of the powershell session:

Is it possible to unload credentials gathered from Get-Credentials from memory after a set period of time, similar to ssh-add?

Information Security Asked on November 11, 2021

0 Answers

Add your own answers!

Related Questions

What’s a “safe” URL shortening algorithm?

3  Asked on December 31, 2020 by bensower


Securing internet connection with hostile ISP

1  Asked on December 29, 2020 by user242761


Is Chrome Browser/ Computer compromised by KMSPico?

0  Asked on December 27, 2020 by waterbyte


Web Cache Deception – exploitable without a cache server?

1  Asked on December 26, 2020 by citylight


Determine if private key belongs to certificate?

3  Asked on December 25, 2020 by thanatos


Filtering http responses for subdomain takeover

0  Asked on December 21, 2020 by kirill-z


Sql map Manual Vulnerability Assessment

1  Asked on December 20, 2020 by badddy


Unknown folders in OneDrive

1  Asked on December 19, 2020 by user851


Ask a Question

Get help from others!

© 2021 All rights reserved.