secure plain text password in process creation windows security log event

Question

I have a batch script with this command in it

installutil /account=user /Password=password /config="ServiceConfig.xml" /LogFile="ex.InstallLog" "Hosting.exe"

When i run the script in commandLine i have a creation process with ID 4688 logged in windows security logs with a password in plain text in IT .

How can i proceed to not show plain text password in the security logs?

I can't turn off the windows logs because they are used by the security team in my company and i can not use the local service credentials so i have to set it this way to be able to use the automated script .

score 0 · Answer 1 · answered Feb 17 '21 at 12:05

I think I have found a solution to not show the password in plain text.

I have tested, and using this part in the scripts, I don't see the password in the event viewer.

First, save it as follows:

$cred = Get-Credential

$cred | Export-CliXml -Path "PATH\Cred.xml"

Then, use it in the scripts as follows:

$cred = Import-CliXml -Path $credPath

So far, I have not seen it again in plain text.

The exported credentials are only valid on the machine that generated the file and with the user that generated them.

that script does not replace $cred with the password at the end anyway? — DefToneR, Jul 15 '22 at 14:31

secure plain text password in process creation windows security log event

1 Answers1