What would be the Windows batch equivalent for HTML's input type=“password”?

Question

I need to get authentication credentials from the users within a Windows script but the classic "first Google result" approach:

SET /P USR=Username: 
SET /P PWD=Password: 

is less than satisfying, so I was wondering if there's let's say an "equivalent" to HTML's input type="password"?

Any comment would be really appreciated, thanks much in advance!

Answer 1

check out this

http://www.netikka.net/tsneti/info/tscmd052.htm

@echo off & setlocal enableextensions
    :: Build a Visual Basic Script
    set vbs_=%temp%\tmp$$$.vbs
    set skip=
    findstr "'%skip%VBS" "%~f0" > "%vbs_%"
    ::
    :: Prompting without linefeed as in Item #15
    echo.|set /p="Password: "

    :: Run the script with Microsoft Windows Script Host Version 5.6
    for /f "tokens=* delims=" %%a in ('cscript //nologo "%vbs_%"') do set MyPass1=%%a

    ::
    ::echo.
    echo.|set /p="Retype  : "

    for /f "tokens=* delims=" %%a in ('cscript //nologo "%vbs_%"') do set MyPass2=%%a
    ::

    :: Clean up
    for %%f in ("%vbs_%") do if exist %%f del %%f
    ::
    :: Demonstrate the result
    echo.
    if "%MyPass1%"=="%MyPass2%" (
      echo The entered password was %MyPass1%
      ) else (
      echo No match)
    endlocal & goto :EOF
    '
    'The Visual Basic Script
    Set WshPass = WScript.CreateObject("ScriptPW.Password") 'VBS
    Password=WshPass.GetPassWord() 'VBS
    WScript.Echo PassWord 'VBS

Answer 2

By judicious use of another tool freely available on Windows, the following two scripts do the job you want.

First, GetPwd.cmd:

@echo off
:: GetPwd.cmd - Get password with no echo.
<nul: set /p passwd=Password: 
for /f "delims=" %%i in ('cscript /nologo GetPwd.vbs') do set passwd=%%i
echo.
:: This bit's just to prove we have the password.
echo %passwd%

Then, GetPwd.vbs:

' GetPwd.vbs - Get password with no echo then echo it. '
Set oScriptPW = CreateObject("ScriptPW.Password")
strPassword = oScriptPW.GetPassword()
Wscript.StdOut.WriteLine strPassword

Explanation:

GetPwd.vbs simply uses the password object to input the password from the user and then print it to standard output (next paragraph will explain why that doesn't show up in the terminal).

GetPwd.cmd is a bit trickier (but command scripts usually are).

The "<nul: set /p passwd=Password: " command simply outputs the prompt with no trailing CR/LF - it's a sneaky way to emulate bash's "echo -n". It sets passwd to an empty string as a side effect and doesn't wait for input since it's taking its input from the nul: device.

The "for /f "delims=" %%i in ('cscript /nologo GetPwd.vbs') do set passwd=%%i" statement is the trickiest bit. It runs the vbscript with no Microsoft advertising (/nologo), so that the only line output is the password (from the vbscript "Wscript.StdOut.WriteLine strPassword".

Setting the delimiters to nothing is required to capture input lines with spaces, otherwise you just get the first word. The "for ... do set ..." sets passwd to be the actual password output from the vbscript.

Then we echo a blank line (actually terminate the "Password: " line) and echo the password so you can verify it works:

C:\Pax> GetPwd
Password:
this is my password

C:\Pax> 

The scriptpw.dll is available with XP and 2K3 but not necessarily later versions.

Instructions for Vista and presumably Win7 are below, give them a try:

To mask the password, the script takes advantage of the ScriptPW COM object. ScriptPW is loaded by default on Windows XP and Windows 2003. If you’re running Windows 2000 or Windows Vista, you will need to copy the scriptpw.dll file from the Windows\System32 folder of an XP system, or Windows 2003 system to the Winnt\System32 or Windows\System32 folder on your Windows 2000 or Vista system. Once the DLL has been copied, you will need to register it by running the command:

regsvr32 scriptpw.dll

To successfully register the DLL on a Vista machine, you will need to open the command prompt as administrator. To do this, click Start | All Programs | Accessories. Then right-click on the Command Prompt shortcut and select “Run as administrator.” Once at the command prompt as administrator, you’ll be able to successfully run the regsvr32 scriptpw.dll command to register the DLL.

Answer 3

1.Pure batch solution that (ab)uses XCOPY command and its /P /L switches found here :

:: Hidden.cmd
::Tom Lavedas, 02/05/2013, 02/20/2013
::Carlos, 02/22/2013
::https://groups.google.com/forum/#!topic/alt.msdos.batch.nt/f7mb_f99lYI


@Echo Off
:HInput
SetLocal EnableExtensions EnableDelayedExpansion
Set "FILE=%Temp%.\T"
Set "FILE=.\T"
Keys List >"%File%"
Set /P "=Hidden text ending with Ctrl-C?: " <Nul
Echo.
Set "HInput="
:HInput_
For /F "tokens=1* delims=?" %%A In (
 '"Xcopy /P /L "%FILE%" "%FILE%" 2>Nul"'
) Do (
  Set "Text=%%B"
  If Defined Text (
    Set "Char=!Text:~1,1!"
    Set "Intro=1"
    For /F delims^=^ eol^= %%Z in ("!Char!") Do Set "Intro=0"
    Rem If press Intro
    If 1 Equ !Intro! Goto :HInput#
    Set "HInput=!HInput!!Char!"
  )
)
Goto :HInput_
:HInput#
Echo(!HInput!
Goto :Eof 

2.Password submitter that uses a HTA pop-up . This is a hybrit .bat/jscript/mshta file and should be saved as a .bat:

<!-- :
:: PasswordSubmitter.bat
@echo off
for /f "tokens=* delims=" %%p in ('mshta.exe "%~f0"') do (
    set "pass=%%p"
)

echo your password is %pass%
exit /b
-->

<html>
<head><title>Password submitter</title></head>
<body>

    <script language='javascript' >
        function pipePass() {
            var pass=document.getElementById('pass').value;
            var fso= new ActiveXObject('Scripting.FileSystemObject').GetStandardStream(1);
            close(fso.Write(pass));

        }
    </script>

    <input type='password' name='pass' size='15'></input>
    <hr>
    <button onclick='pipePass()'>Submit</button>

</body>
</html>

3.A self-compiled .net hybrid .Again should be saved as .bat .In difference with other solutions it will create/compile a small .exe file that will be called (if you wish you can delete it). Also requires installed .net framework but that's rather not a problem:

@if (@X)==(@Y) @end /* JScript comment
@echo off
setlocal

for /f "tokens=* delims=" %%v in ('dir /b /s /a:-d  /o:-n "%SystemRoot%\Microsoft.NET\Framework\*jsc.exe"') do (
   set "jsc=%%v"
)

if not exist "%~n0.exe" (
    "%jsc%" /nologo /out:"%~n0.exe" "%~dpsfnx0"
)

for /f "tokens=* delims=" %%p in ('"%~n0.exe"') do (
    set "pass=%%p"
)

echo your password is %pass%

endlocal & exit /b %errorlevel%

*/



import System;



var pwd = "";
var key;

Console.Error.Write("Enter password: ");

        do {
           key = Console.ReadKey(true);
           if ( (key.KeyChar.ToString().charCodeAt(0)) >= 20 && (key.KeyChar.ToString().charCodeAt(0) <= 126) ) {
              pwd=pwd+(key.KeyChar.ToString());
              Console.Error.Write("*");
           }   

        } while (key.Key != ConsoleKey.Enter);
        Console.Error.WriteLine();
        Console.WriteLine(pwd);

Answer 4

I assume that you want no echo of the password on the screen.

If a pop-up window is ok for you, you could use e.g. VBScript to show an IE window displaying a password field. Here's an example.

As an alternative you could call your script from an HTA (HTML Application) file (see Introduction to HTML Applications (HTAs).

Regards, divo

Answer 5

If you can install Cygwin, you'll get a bash shell by default, so this command will work:

read -s -p "Password: " PASSWORD

Only problem is now the value of PASSWORD is only set in the bash shell, not as an environment variable a batch file can see (don't use PWD as this means something else in cygwin). So you would have to rewrite your script as a bash shell script (maybe not too hard given the limitations of the command prompt!).

Or you could pass the password into a batch script from cygwin, but this means running a new instance of the command prompt:

cmd /cyourbatchfile.bat $PASSWORD

All a bit convoluted and not at all satisfying ;)

Answer 6

We do stuff like this all the time but put the password in the commandline and pass it to a variable in the batch file.

Answer 7

another alternative is my EditV32 (x86) or EditV64 (x64) command-line tools. For example:

editv32 -m -p "Password: " PWD

-m means "masked input" and -p is the prompt. The user's input is stored in the PWD environment variable. You can get it here:

http://www.westmesatech.com/editv.html

Answer 8

Another approach is to call PowerShell commands from your Batch script. Here's an example that configures the logon account of a service:

$password = Read-Host "Enter password" -AsSecureString;
$decodedpassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($password));
& "sc.exe" config THE_SERVICE_NAME obj= THE_ACCOUNT password= $decodedPassword;

where THE_SERVICE_NAME is the name of the service to configure and THE_ACCOUNT is the logon account.

Then we can use it from a batch script like that:

call powershell -Command "$password = Read-Host "Enter password" -AsSecureString; $decodedpassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($password)); & "sc.exe" config THE_SERVICE_NAME obj= THE_ACCOUNT password= $decodedPassword;"

which is simply calling PowerShell.exe and passing the three commands.

The advantage of this approach is that the majority of Windows installations today include PowerShell, so no extra program or script is needed. The drawback is that you will need to either use the password inside the PowerShell call (like in my example) or store it in an environment variable and then use it from your batch script. I preffer the former because it is more secure and simpler.

Answer 9

Another alternative is ReadLine.exe. Example:

@echo off
setlocal enableextensions
set PASSWORD=
for /f "delims=" %%p in ('readline -h -p "Enter password: "') do set PASSWORD=%%p
echo You entered: %PASSWORD%
endlocal

Answer 10

You may use ReadFormattedLine subroutine for all kind of formatted input. For example, the commands below read an username and password of 8 characters each, display asterisks in the screen, and continue automatically with no need to press Enter:

call :ReadFormattedLine USR="********" /M "Username: "
call :ReadFormattedLine PWD="********" /M "Password: "

Or in a different way:

call :ReadFormattedLine nameAndPass="******** / ********" /M "Enter Username / Password: "

In previous example, when the user completed the username, the subroutine display the slash and read the password; if the user delete characters, the slash is also deleted automatically.

This subroutine is written in pure Batch so it does not require any additional program, and it allows several formatted input operations, like read just numbers, convert letters to uppercase, etc. You may download ReadFormattedLine subroutine from Read a line with specific format.

Answer 11

ConSet is a free tool written by Frank P. Westlake. It is an extended version of standard Windows command set.

ConSet.exe - Displays, sets, or deletes cmd.exe environment variables, modifies console parameters, and performs floating point mathematics.

As it is not a standard Windows console application, the usage of this tool requires either the distribution of this tool together with the batch file or the tool is stored on a server share and the batch file calls this tool directly from the server share.

ConSet makes a prompt for a password string with hidden input assigned to an environment variable very easy:

ConSet.exe /PH "PWD=Password: "

The additional parameter H results in hiding user input.