Store Password as Multiple Variables

I've run into a stumbling block for a script I'm writing and I was hoping someone more knowledgeable might be able to help me out.

To put it simply, I want a user to be able to input their password and each letter of that password be assign to variables.

$uCcuGUBIJnoORUWA = "a"
$LjN6WLzWVAaM4BQN = "b"
$5qJ79dPkDGNeIsVy = "c"

… etc.

Once this is done, the password is send to a text file and outputted as the variables. So if your password was "abc" then the text file would appear as …

HASH1 = $uCcuGUBIJnoORUWA
HASH2 = $LjN6WLzWVAaM4BQN
HASH3 = $5qJ79dPkDGNeIsVy

… and so on.

Once the password is completely written and is stored on the text file, the rest of the script uses that information to match each piece of code to figure out what the password is. It then would then type out the password using something like:

[System.Windows.Forms.SendKeys]::SendWait("$uCcuGUBIJnoORUWA$LjN6WLzWVAaM4BQN$5qJ79dPkDGNeIsVy")

Right now my script is using a hard-coded password, which is less than ideal. I'm using PS2EXE to convert the .ps1 file to an .exe file so it's not in plain-text.

I understand how to store the variables and how to get the script to output the variables as the actual letters, I'm just having some trouble figuring out a way for the user to input the password and then have it stored.

How about something better than obfuscation: actual encryption?

Store the credentials in a [PSCredential] object. The password portion of this is stored as a secure string, which is already a good thing.

To export it to a file:

$cred | Export-Clixml -Path C:\master.xml

To re-import it:

$cred = Import-Clixml -Path C:\master.xml

The important thing is that the password will be encrypted when it's written out to disk. It can only be decrypted (and therefore reimported) by the same user on the same computer.

As a result I like to make the user and computer name part of the file name. Here's an example of a script to store the credentials:

$cred = Get-Credential
$cred | Export-Clixml -Path "C:\whatever\master_$env:COMPUTERNAME-$env:USERNAME.xml"

In the script where you actually want to use it:

$cred = Import-Clixml -Path "C:\whatever\master_$env:COMPUTERNAME-$env:USERNAME.xml"

It's quite useful. By embedding the user and computer in the file name you can store multiple copies of the credentials depending on how many users need to access the creds on however many computers.

And since you might need the raw password in your script, the way to get that out of a [PSCredential] object is like so: