views:

1268

answers:

7

I need to get authentication credentials from the users within a Windows script but the classic "first Google result" approach:

SET /P USR=Username: 
SET /P PWD=Password:

is less than satisfying, so I was wondering if there's let's say an "equivalent" to HTML's input type="password"?

Any comment would be really appreciated, thanks much in advance!

A: 

If you have a domain controller, then you'll want to set up Subversion to authenicate against their Active Directory accounts. Directions to do so are here.

I'm not sure why you made this a community wiki post, though.

George Stocker
Besides that it doesn't answer the question, thanks for the tip! That approach is in progress to be implemented but it's not available yet, in the meantime I should keep working with the batch script.
Nano Taboada
A: 

I assume that you want no echo of the password on the screen.

If a pop-up window is ok for you, you could use e.g. VBScript to show an IE window displaying a password field. Here's an example.

As an alternative you could call your script from an HTA (HTML Application) file (see Introduction to HTML Applications (HTAs).

Regards, divo

0xA3
A: 

If you can install Cygwin, you'll get a bash shell by default, so this command will work:

read -s -p "Password: " PASSWORD

Only problem is now the value of PASSWORD is only set in the bash shell, not as an environment variable a batch file can see (don't use PWD as this means something else in cygwin). So you would have to rewrite your script as a bash shell script (maybe not too hard given the limitations of the command prompt!).

Or you could pass the password into a batch script from cygwin, but this means running a new instance of the command prompt:

cmd /cyourbatchfile.bat $PASSWORD

All a bit convoluted and not at all satisfying ;)

Michael Hinds
If you can install Cygwin ... seems like overkill
Greg Dean
A: 

We do stuff like this all the time but put the password in the commandline and pass it to a variable in the batch file.

Keng
+3  A: 

check out this

http://www.netikka.net/tsneti/info/tscmd052.htm

@echo off & setlocal enableextensions
    :: Build a Visual Basic Script
    set vbs_=%temp%\tmp$$$.vbs
    set skip=
    findstr "'%skip%VBS" "%~f0" > "%vbs_%"
    ::
    :: Prompting without linefeed as in Item #15
    echo.|set /p="Password: "

    :: Run the script with Microsoft Windows Script Host Version 5.6
    for /f "tokens=* delims=" %%a in ('cscript //nologo "%vbs_%"') do set MyPass1=%%a

    ::
    ::echo.
    echo.|set /p="Retype  : "

    for /f "tokens=* delims=" %%a in ('cscript //nologo "%vbs_%"') do set MyPass2=%%a
    ::

    :: Clean up
    for %%f in ("%vbs_%") do if exist %%f del %%f
    ::
    :: Demonstrate the result
    echo.
    if "%MyPass1%"=="%MyPass2%" (
      echo The entered password was %MyPass1%
      ) else (
      echo No match)
    endlocal & goto :EOF
    '
    'The Visual Basic Script
    Set WshPass = WScript.CreateObject("ScriptPW.Password") 'VBS
    Password=WshPass.GetPassWord() 'VBS
    WScript.Echo PassWord 'VBS
Thanks MUCH for your reply!
Nano Taboada
+2  A: 

By judicious use of another tool freely available on Windows, the following two scripts do the job you want.

First, GetPwd.cmd:

@echo off
:: GetPwd.cmd - Get password with no echo.
<nul: set /p passwd=Password: 
for /f "delims=" %%i in ('cscript /nologo GetPwd.vbs') do set passwd=%%i
echo.
:: This bit's just to prove we have the password.
echo %passwd%

Then, GetPwd.vbs:

' GetPwd.vbs - Get password with no echo then echo it. '
Set oScriptPW = CreateObject("ScriptPW.Password")
strPassword = oScriptPW.GetPassword()
Wscript.StdOut.WriteLine strPassword

Explanation:

GetPwd.vbs simply uses the password object to input the password from the user and then print it to standard output (next paragraph will explain why that doesn't show up in the terminal).

GetPwd.cmd is a bit trickier (but command scripts usually are).

The "<nul: set /p passwd=Password: " command simply outputs the prompt with no trailing CR/LF - it's a sneaky way to emulate bash's "echo -n". It sets passwd to an empty string as a side effect and doesn't wait for input since it's taking its input from the nul: device.

The "for /f "delims=" %%i in ('cscript /nologo GetPwd.vbs') do set passwd=%%i" statement is the trickiest bit. It runs the vbscript with no Microsoft advertising (/nologo), so that the only line output is the password (from the vbscript "Wscript.StdOut.WriteLine strPassword".

Setting the delimiters to nothing is required to capture input lines with spaces, otherwise you just get the first word. The "for ... do set ..." sets passwd to be the actual password output from the vbscript.

Then we echo a blank line (actually terminate the "Password: " line) and echo the password so you can verify it works:

C:\Pax> GetPwd
Password:
this is my password

C:\Pax>

The scriptpw.dll is available with XP and 2K3 but not necessarily later versions.

Instructions for Vista and presumably Win7 are below, give them a try:

To mask the password, the script takes advantage of the ScriptPW COM object. ScriptPW is loaded by default on Windows XP and Windows 2003. If you’re running Windows 2000 or Windows Vista, you will need to copy the scriptpw.dll file from the Windows\System32 folder of an XP system, or Windows 2003 system to the Winnt\System32 or Windows\System32 folder on your Windows 2000 or Vista system. Once the DLL has been copied, you will need to register it by running the command:

regsvr32 scriptpw.dll

To successfully register the DLL on a Vista machine, you will need to open the command prompt as administrator. To do this, click Start | All Programs | Accessories. Then right-click on the Command Prompt shortcut and select “Run as administrator.” Once at the command prompt as administrator, you’ll be able to successfully run the regsvr32 scriptpw.dll command to register the DLL.

paxdiablo
Wow, thanks a lot for your extensive reply!
Nano Taboada
A: 

Hi all, another alternative is my EditV32 (x86) or EditV64 (x64) command-line tools. For example:

editv32 -m -p "Password: " PWD

-m means "masked input" and -p is the prompt. The user's input is stored in the PWD environment variable. You can get it here:

www.westmesatech.com/editv.html

Regards, Bill

AbqBill