This command provides a secure method to ask a user for a user name and password.
None.
None.
SUCCESS |
A user name and password were successfully entered. |
FAILURE |
The information was missing in one or more fields. |
This command opens a dialog to prompt a user to enter the username/password. It returns success if the username and password are not empty.
The entered credentials are not authenticated at this step. They are temporarily saved internally in the variables while the script is running (in an encrypted form) and there is no option to save the credentials on the computer.
The command should be always called at the beginning of the script.
The application encrypts username/password using CryptProtectData() and saves them in two DATA_BLOB vari- ables in encrypted form. The entered user credentials remain encrypted during MP script run. When needed for HTTPS GET request, the application temporary decrypt the credentials data using CryptUprotectData().
After each use (after encryption/decryption operations), all strings containing sensitive information are immediately zeroed out by RtlSecureZeroMemory function (wdm.h) - Windows drivers | Microsoft Learn. On MP script exit, the application zeroed out the encrypted DATA_BLOBs as well.