Let's say you have a $secureString. If you don't have one handy, create one:

PSH> $secureString = ConvertTo-SecureString -Force -AsPlainText "hello"

Actually, we're breaking the system - SecureStrings aren't supposed to be created this way - they're supposed to be created like this:

PSH> $secureString = Read-Host -AsSecureString

Then again, we're talking about converting it back to text, which is also breaking the system.  Or at least circumventing it.

PSH> [System.Runtime.InteropServices.marshal]::PtrToStringAuto([System.Runtime.InteropServices.marshal]::SecureStringToBSTR($securestring))

There we go.

Disclaimer: this isn't anything new.  Many blog posts have gone over the same stuff.  This just presents it as a one-liner, and because I found it useful (primarily just to read a password without displaying it.)