Avoid ConvertTo-SecureString -AsPlainText -Force (#40658)

scripts/azure-pipelines/windows/create-image.ps1

@@ -44,30 +44,14 @@ The length of the returned password.
 #>
 function New-Password {
   Param ([int] $Length = 32)
-
-  # This 64-character alphabet generates 6 bits of entropy per character.
-  # The power-of-2 alphabet size allows us to select a character by masking a random Byte with bitwise-AND.
   $alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_-"
-  $mask = 63
   if ($alphabet.Length -ne 64) {
     throw 'Bad alphabet length'
   }
 
-  [Byte[]]$randomData = [Byte[]]::new($Length)
-  $rng = $null
-  try {
-    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
-    $rng.GetBytes($randomData)
-  }
-  finally {
-    if ($null -ne $rng) {
-      $rng.Dispose()
-    }
-  }
-
-  $result = ''
+  $result = New-Object SecureString
   for ($idx = 0; $idx -lt $Length; $idx++) {
-    $result += $alphabet[$randomData[$idx] -band $mask]
+    $result.AppendChar($alphabet[[System.Security.Cryptography.RandomNumberGenerator]::GetInt32($alphabet.Length)])
   }
 
   return $result
@@ -109,8 +93,7 @@ function Wait-Shutdown {
 
 
 $AdminPW = New-Password
-$AdminPWSecure = ConvertTo-SecureString $AdminPW -AsPlainText -Force
-$Credential = New-Object System.Management.Automation.PSCredential ("AdminUser", $AdminPWSecure)
+$Credential = New-Object System.Management.Automation.PSCredential ("AdminUser", $AdminPW)
 
 $VirtualNetwork = Get-AzVirtualNetwork -ResourceGroupName 'vcpkg-image-minting' -Name 'vcpkg-image-mintingNetwork'
 
@@ -299,3 +282,5 @@ Remove-AzNetworkInterface -ResourceGroupName 'vcpkg-image-minting' -Name $NicNam
 Write-Progress -Activity $ProgressActivity -Completed
 Write-Host "Generated Image:  $GalleryImageVersion"
 Write-Host 'Finished!'
+
+$AdminPW.Dispose()