Skip to content

Commit e06936a

Browse files
richy58729richy58729
authored
Update Security.md
- Change '.Net' to '.NET' to keep it consistent. - Change incorrect usage of spaces within example code (space after opening parenthesis and space before closing parenthesis). - Change several inconsistencies in example code: - Change '[System.Runtime.InteropServices.marshal]' to '[System.Runtime.InteropServices.Marshal]'. - Remove semicolon at the end of the lines. - Remove an unnecessary 'return' keyword. - Remove extra line at the end.
1 parent 9477842 commit e06936a

File tree

1 file changed

+6
-7
lines changed

1 file changed

+6
-7
lines changed

Best-Practices/Security.md

Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -16,11 +16,11 @@ param (
1616
)
1717
```
1818

19-
If you absolutely must pass a password in a plain string to a .Net API call or a third party library it is better to decrypt the credential as it is being passed instead of saving it in a variable.
19+
If you absolutely must pass a password in a plain string to a .NET API call or a third party library, it is better to decrypt the credential as it is being passed instead of saving it in a variable.
2020

2121
```PowerShell
2222
# Get the cleartext password for a method call:
23-
$Insecure.SetPassword( $Credentials.GetNetworkCredential().Password )
23+
$Insecure.SetPassword($Credentials.GetNetworkCredential().Password)
2424
```
2525

2626
#### Other Secure Strings
@@ -32,10 +32,10 @@ Note, if you ever need to turn a SecureString into a string, you can use this me
3232

3333
```PowerShell
3434
# Decrypt a secure string.
35-
$BSTR = [System.Runtime.InteropServices.marshal]::SecureStringToBSTR($this);
36-
$plaintext = [System.Runtime.InteropServices.marshal]::PtrToStringAuto($BSTR);
37-
[System.Runtime.InteropServices.Marshal]::ZeroFreeBSTR($BSTR);
38-
return $plaintext
35+
$BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($this)
36+
$plaintext = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)
37+
[System.Runtime.InteropServices.Marshal]::ZeroFreeBSTR($BSTR)
38+
$plaintext
3939
```
4040

4141
* For credentials that need to be saved to disk, serialize the credential object using
@@ -63,4 +63,3 @@ computer where it was generated.
6363
# Read the Standard String from disk and convert to a SecureString
6464
$Secure = Get-Content -Path "${Env:AppData}\Sec.bin" | ConvertTo-SecureString
6565
```
66-

0 commit comments

Comments
 (0)