Introduction

Very often it is required to obtain a password from the user from a console in a PowerShell script or C#\.NET console application, in this blog post we are going to discuss both these languages and securely reading the password from the Console, or in other words masking the characters in the console so that nobody can read the password echoed on the console.

If you like reading this article follow me on Twitter @singhprateik, for more such content!

Before we begin… following is a shameless plug of my new book 😎 👇

[Announcement] PowerShell to C# and back Book

This book bridges concept and knowledge the gap between a scripting language like PowerShell and modern programming language like C#, which is a natural language of choice for People who know PowerShell.

An increase in adoption of software development inside Infrastructure teams makes this the perfect time to get started with a programming language and C# is a natural choice for people using PowerShell today. As it fits best with the basket of matching skillsets like Azure, Azure DevOps which will add value in your career.

Download the FREE Book Sample from the book web page which covers all the basics of C# within the first 50 pages 👉 https://leanpub.com/powershell-to-csharp

Reading from Console Securely in PowerShell

PowerShell’s Read-Host cmdlet has a AsSecureString switch parameter, that masks all user input as asterisks (*) in place of the characters and returns a SecureString object

$password = Read-Host 'Enter Password' -AsSecureString

Reading from Console Securely in C#

Initially, I thought it would be super easy to use PowerShell cmdlet Read-Host with -AsSecureString parameter in C# directly using the System.Management.Automation class to avoid any additional work, but it didn’t work.

The user prompts fails the execution of the program because user interaction is not supported. But still, I chose to keep this example for the learning of anyone who wants to know how to execute a PowerShell code from C#.

NOTE if you are new to .NET and C# and not familiar with how to create and run a basic C# program, read this C# Hello world Explained blog post, it will help you to bring to speed.

So, reading securely in C# is slightly more work and you have to explicitly handle the situation in the program by writing some C# code as shown in the following example:

A quick explanation of the above code:

Line 10-24: Body of infinite do..while loop, that keeps running unless the user hits the ENTER key on the keyboard as user input.

Line 11: The ReadKey() method can obtain the next key pressed by the user, by default it echoes keys pressed by the user on the console and to suppress this behavior, call the ReadKey method with an intercept argument of true, like ReadKey(intercept: true)

Line 14: Condition to check if backspace is pressed and the password string has chars (in other words length of the string is greater than 0)

Line 15-16: If the above condition was true, that means BACKSPACE was pressed, then remove the last character output on the console and last character in the Password string.

The purpose Console.Write("\b \b") is to take the cursor position to n-1 char using first \b and then print white space ' ' to overwrite the asterisk printed before, then again take the cursor back to the n-1 char. To understand this better replace the space between the backspace escape chars with a ‘+’, like Console.Write("\b+\b"); and run the program again.

Line 19: Condition to check if the input key is anything other CR (Carriage Return), LF (Line Feed).

Line 20-21: If the condition at Line 19 is True, then print `*` on the console to mask it and add the input character to the Password string.

Line 24: Once the user has provided the password and hits the ENTER key, the code execution flow would exit the do..while loop, and the value stored in the String variable Password is the input password

Now if run the above program, you will see that each character input from the user is masked