Encrypts a string using the Data Protection API (DPAPI).
Protect-String [-String] <String> -ForUser [<CommonParameters>]
Protect-String [-String] <String> -ForComputer [<CommonParameters>]
Encrypts a string with the Data Protection API (DPAPI). Encryption can be performed at the user or computer level. If encrypted at the User level (with the ForUser
switch), only the user who encrypted the data can decrypt it. If encrypted at the computer scope (with the ForComputer
switch), any user logged onto the computer can decrypt it.
Name | Type | Description | Required? | Pipeline Input | Default Value |
---|---|---|---|---|---|
String | String | The text to encrypt. | true | true (ByValue) | |
ForUser | SwitchParameter | true | false | ||
ForComputer | SwitchParameter | true | false |
Protect-String -String 'TheStringIWantToEncrypt' -ForUser | Out-File MySecret.txt
Encrypts the given string and saves the encrypted string into MySecret.txt. Only the user who encrypts the string can unencrypt it.
$cipherText = Protect-String -String "MySuperSecretIdentity" -ForComputer
Encrypts the given string and stores the value in $cipherText. Because the encryption scope is set to LocalMachine, any user logged onto the local computer can decrypt $cipherText.