# Converting SecureStrings

SecureStrings can be converted to plain text. This can be useful to prompt with masked input boxes.

SecureStrings are a way to protect string content from 3rd parties. The person that created a SecureString however can always get back the unencrypted plain text from it.

## Converting SecureString To PlainText

Here is a PowerShell function that takes a SecureString and returns the plain text:

function Convert-SecureStringToText
{
param
(
[Parameter(Mandatory,ValueFromPipeline)]
[System.Security.SecureString]
$Password ) process {$BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($Password) [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)
}
}


### Test-Driving

With Convert-SecureStringToText, you can utilize PowerShells masked input boxes:

# prompt with masked input:
$pwd = Read-Host -Prompt 'Enter Password' -AsSecureString | Convert-SecureStringToText # process plain text: "You entered:$pwd"