Verify Passwords Match in Windows Powershell

N-Tropy picture N-Tropy · Aug 11, 2016 · Viewed 7.9k times · Source

I'm creating a script to handle unattended domain joining for the school district I work at. We have several IT guys who handle sysprep, so I'm creating a script that will encrypt passwords to use for Add-Computer.

What I am having trouble with is having a script that takes two password entries, and restarts if they don't match, but continues if they do. What I've tried so far:

$s = {write-host "running script}
&$s
$pwd1 = Read-Host -AsSecureString "Enter Password"
$pwd2 = Read-Host -AsSecureString "Enter Again"
If($pwd1 -ceq $pwd2) {
Write-host "match"
} else {
&$s
}

I would like to have the script automatically make the user retry until both passwords match.

EDIT: Figured it out! Here's the code for reference. Thanks to RowdyVinson!

do {
Write-Host "I am here to compare the password you are entering..."
$pwd1 = Read-Host "Password" -AsSecureString
$pwd2 = Read-Host "Re-enter Password" -AsSecureString
$pwd1_text = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($pwd1))
$pwd2_text = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($pwd2))
}
while ($pwd1_text -ne $pwd2_text)
Write-Host "Passwords matched"

Answer

RowdyVinson picture RowdyVinson · Aug 11, 2016

You're looking to compare two secure strings, so you'll need to decrypt them first. Here's an implementation of what you're trying to do:

Write-Host "Hey..!! I am here to compare the password you are entering..."
$pwd1 = Read-Host "Passowrd" -AsSecureString
$pwd2 = Read-Host "Re-enter Passowrd" -AsSecureString
$pwd1_text = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($pwd1))
$pwd2_text = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($pwd2))


if ($pwd1_text -ceq $pwd2_text) {
Write-Host "Passwords matched"
} else {
Write-Host "Passwords differ"
}

and this is where I got that from: http://techibee.com/powershell/compare-secure-strings-entered-through-powershell/422

also possibly relevant: https://www.roelvanlisdonk.nl/2010/03/23/show-password-in-plaintext-by-using-get-credential-in-powershell/