The scripts are transferred locally to be run, i.e. in ds it's in the temp folder, in ns in the software delivery, etc. Even after it's deleted it can be recovered unless it's specifically overwritten. Encoding the vbs is a little more secure, but it can be easily decoded with a click of a button
If you're worried about security you should pass in the password as an argument so the only time it's exposed is when it's running. Make sure it runs in a hidden window as well.
strpassword = wscript.Arguments(0)
strComputer = "."
Set objUser = GetObject("WinNT://" & strComputer & "/Administrator, user")
objUser.SetPassword strpassword
objUser.SetInfo
- Brent