Reset-SecretStore
Resets the SecretStore by deleting all secret data and configuring the store with default options.
Syntax
Reset-SecretStore
[-Scope <SecureStoreScope>]
[-Authentication <Authenticate>]
[-Password <SecureString>]
[-PasswordTimeout <Int32>]
[-Interaction <Interaction>]
[-PassThru]
[-Force]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
This cmdlet completely resets the SecretStore by deleting all secret data it may contain, and resetting configuration options to their default values. It is intended to be used only if a required password is lost, or data files become corrupted so that SecretStore no longer functions and secret data cannot be accessed.
The default configuration options can be overridden by specifying individual command configuration option parameters.
Examples
Example 1
PS C:\> Reset-SecretStore -PassThru
WARNING: !!This operation will completely remove all SecretStore module secrets and reset
configuration settings to default values!!
Reset SecretStore
Are you sure you want to erase all secrets in SecretStore and reset configuration settings to default?
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "N"): Y
Creating a new Microsoft.PowerShell.SecretStore vault. A password is required by the current store configuration.
Enter password:
********
Enter password again for verification:
********
Scope Authentication PasswordTimeout Interaction
----- -------------- --------------- -----------
CurrentUser Password 900 PromptThis example resets the SecretStore for the current user. The cmdlet warns about the consequences of this action and prompts the user for confirmation before continuing. After confirmation, the cmdlet deletes all secrets and sets every configuration setting to its default value.
Parameters
-Authentication
Specifies how to authenticate access to the SecretStore. The value must be Password or None.
If specified as None, the cmdlet enables access to the SecretStore without a password. The
default authentication is Password.
Caution
Setting the Authentication to None is less secure than Password. Specifying None may be
useful for testing scenarios but should not be used with important secrets.
| Type: | Authenticate |
| Accepted values: | None, Password |
| Position: | Named |
| Default value: | Password |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Force
Indicates that the cmdlet should reset the SecretStore without prompting. By default, the cmdlet warns about the impact of resetting the SecretStore and prompts the user for confirmation.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Interaction
Specifies whether the SecretStore should prompt a user when they access it. If the value is
Prompt, the user is prompted for their password in interactive sessions when required. If the
value is None, the user is not prompted for a password. If the value is None and a password is
required, the cmdlet requiring the password throws a
Microsoft.PowerShell.SecretStore.PasswordRequiredException error.
| Type: | Interaction |
| Accepted values: | None, Prompt |
| Position: | Named |
| Default value: | Prompt |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-PassThru
Indicates that the cmdlet should return the SecretStore configuration after resetting it. By default, the cmdlet returns no output.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Password
Specifies the password the SecretStore should require for access. If Authentication is
specified as None, the cmdlet returns an error. If Authentication is Password and this
parameter is not specified, the cmdlet prompts the user to enter the password securely.
| Type: | SecureString |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-PasswordTimeout
Specifies how long the SecretStore remains unlocked after authenticating with a password. When the timeout value is reached, the current password value is invalidated for the session. Accessing the SecretStore after the timeout requires the password again.
| Type: | Int32 |
| Position: | Named |
| Default value: | 900 |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Scope
Specifies the context the SecretStore is configured for. Only CurrentUser is currently
supported.
| Type: | SecureStoreScope |
| Accepted values: | CurrentUser, AllUsers |
| Position: | Named |
| Default value: | CurrentUser |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
None
Outputs
Microsoft.PowerShell.SecretStore.SecureStoreConfig
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for