0

i am creating a Powershell script to enable Bitlocker. For this i need a PIN which is converted to a securestring. This PIN must be randomly generated. For this i have these two options:

$pin = Get-Random -Minimum 0 - Maximum 9

and

$pin = ( (1..6) | ForEach-Object { Get-Random -Minimum 0 -Maximum 9 } ) -join ''

The first one has a problem for my usage because it generates some PINs with 5 characters but i need 6 characters for my usage

The second one does the right job for now.

As already said i need a secure-string to enable bitlocker. I've tried the ConvertTo-SecureString cmdlet

ConvertTo-SecureString -AsPlainText $pin -Force

I get the error which says:

Cannot bind argument to parameter 'String' because it is NULL.

Does someone knows how to make it work?

Btw: I am beginner with Powershell

Ray61
  • 1
  • 2
    Can't reproduce the error. Did you make sure to run the pin-generation code before `ConvertTo-SecureString`? – Mathias R. Jessen Oct 13 '22 at 09:35
  • [⚠️ **Important**](https://learn.microsoft.com/nl-nl/dotnet/api/system.security.securestring?view=net-6.0#securestring-operations) A **SecureString** object should never be constructed from a **String**, because the sensitive data is already subject to the memory persistence consequences of the immutable **String** class. The best way to construct a **SecureString** object is from a character-at-a-time unmanaged source, such as the **Console.ReadKey** method. – iRon Oct 13 '22 at 10:38
  • This means that you actually shouldn't use `ConvertTo-SecureString -AsPlainText $pin -Force` but something like: `$SecurePin.AppendChar($Char)` as in this [`New-Password`](https://github.com/iRon7/New-Password/blob/main/New-Password.ps1d) script: `New-Password -Length 6 -Upper -1 -Lower -1 -Symbols -1` – iRon Oct 13 '22 at 10:38
  • @MathiasR.Jessen the problem was i used the cmdled on the wrong place. After i generated the Pin i piped it to a file which was saved on a specified path. After that Out-File cmdled i piped it again with ConvertTo-Securestring. It works now. – Ray61 Oct 14 '22 at 11:38

1 Answers1

0

I found a solution. You are able to pipe following command:

$pin = ( (1..6) | ForEach-Object { Get-Random -Minimum 0 -Maximum 9 } ) -join ''

For example:

$pin = ( (1..6) | ForEach-Object { Get-Random -Minimum 0 -Maximum 9 } ) -join '' | ConvertTo-SecureString -AsPlainText -Force
Ray61
  • 1