en-US/about_PersonalVault.help.txt
TOPIC
about_personalvault SHORT DESCRIPTION Personal vault helps to store the secrets locally and manage it in easy and efficient way. LONG DESCRIPTION Personal vault helps to store the secrets in a key value pair and make it easy to manage. It uses PowerShell 's inbuild security mechanism to encrypt and decrypt the secret texts. The secrets are encrypted using an auto-generate 32 bits key and stored in the vault. PersonalVault provides the cmdlet to add, get, update and remove the secrets easily. You can use your own key which should be of 32 bits or generate it using the cmdlet Get-PSKey . You can secure all your secrets with individual key and store it in the vault. This way you can store your secrets more securely. Rotate your keys easily and all retrieve it using the DateModified parameter in the cmdlet Get-PSArchivedKey . Additionally, you can tab complete the available keys from the vault for easy retrieval of the keys. PersonalVault gives a warning if the secret value that you're trying to store is already exposed (or hacked) in the internet. This gives us an opportunity to review the secret value and change it immediately. Your secret values are protected with a username and password and you should use it every time when you try to access your vault from a new console window. EXAMPLES EXAMPLE 1 # You should register first to work with the vault # You should remember your recovery word to recover your registered username and password PS C:\> $recoveryWord = Read-Host -AsSecureString PS C:\> Register-PSPersonalVault -Credential (Get-Credential) -RecoveryWord $recoveryWord # connect to the vault with the credential PS C:\> $connection = Connect-PSPersonalVault -Credential (Get-Credential) PS C:\> Add-PSSecret -Name "GMail_username" -Value "Thisisanonhackablepassword@2021" -Metadata "My personal gmail account." Add a secret value to the vault. EXAMPLE 2 PS C:\> Add-PSSecret -Name Test -Value 'Test@123' -Metadata "Adding a test value" WARNING: Secret 'Test@123' was hacked 833 time(s); Consider changing the secret value. Get a warning if the secret you are trying to add is exposed. EXAMPLE 3 PS C:\> Get-PSSecret Get the secret value from the vault EXAMPLE 4 PS C:\> Get-PSKey Get the key used to encrypt the secet value EXAMPLE 5 PS C:\> Get-PSKey -Force PS C:\> Add-PSSecret -Name "GMail_Username" -Value "Thisisanonhackablepassword@2021" -Metadata "My official gmail account." Rotate the key and add a new secret EXAMPLE 6 PS C:\> Get-PSArchivedKey Get the archived keys. Use it to retrieve the secrets that was encrypted using these keys. EXAMPLE 7 PS C:\> Update-PSSecret -Name Test -Value "AnyStrongPassword@2021" Update a secret value. Use tab completion to find the key to update it's corresponding secret. EXAMPLE 8 PS C:\> Remove-PSSecret -Name Test -Force Remove a secret with the key EXAMPLE 9 PS C:\ Remove-PSPersonalVault -Force Force remove the vault. This is a destructive operation and it removes all the stored secrets. NOTE It is best to save the secrets with individual keys for more security. Since the PowerShell encryption uses Windows DPAPI, the user who stored the keys and secrets can only view it in plain text. The secret values that you are entering as plain text in the session will not stick to in the history. PersonalVault will automatically remove the module related cmdlets from the history. Re-open the console to make sure that all the secrets are removed from the history. SEE ALSO Get-PSSecret KEYWORDS Try the cmdlets. - Add-PSSecret - Get-PSKey - Get-PSSecret - Update-PSSecret |