
Cannot convert String to Secure String for use in New-ADUser

I'm using Primal Forms Community Edition to create a GUI that will streamline our new student creation process for our secretaries. In the lower-level schools the students use their birthdays as their passwords so they're easy to remember.

I have a Text Entry Box that is labeled as the "Birthday" Field. What I'm looking to do is take that field and use it for -AccountPassword in New-ADUser. However, no matter what I try I always get this error when trying to create a new user with my script.

New-ADUser : Cannot bind parameter 'AccountPassword'. Cannot convert the "System.Security.SecureString" value of type 
"System.String" to type "System.Security.SecureString".
At C:\Users\pomeroyt\Google Drive\Work\Scripts\Powershell\student_creation_gui.ps1:377 char:12
+ New-ADUser @User
+            ~~~~~
    + CategoryInfo          : InvalidArgument: (:) [New-ADUser], ParameterBindingException
    + FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Microsoft.ActiveDirectory.Management.Commands.NewADUser

The Code I'm using looks like this.

$password = $dob.text | ConvertTo-SecureString -AsPlainText -Force
$user = @{
    Description = "Student"
    UserPrincipalName = "[email protected]"
    Name = "$lname.text, $fname.text"
    SamAccountName = "$username"
    Surname = "$lname.text" 
    GivenName = "$fname.text" 
    EmailAddress = "$email" 
    HomeDrive = "H:" 
    HomeDirectory = "\\$server\Students\$yog\$username" 
    ScriptPath = "$script" 
    ChangePasswordAtLogon = 0 
    CannotChangePassword = 1 
    PasswordNeverExpires = 1 
    AccountPassword = "$password"
    Enabled = 1
    Path = "OU=$yog,OU=$group,OU=STUDENTS,DC=domain,DC=local"
    }
New-ADUser @User

I'm really at a loss here because everything I've seen says that what I'm doing should work.

Edit --

The solution below did resolve the password issue. However, I didn't realize that I was actually seeing additional issues with my code.

I turned on -verbose to see what was happening and discovered that the Name field was not outputting correctly. When putting "$lname, $fname" for Name = it resulted in the full output of $lname for some reason. I created a new string called $name and set it to = $lname.text+", "+$fname.text.

Now Name = $name and the command fires as expected.

ParadoxCTRL asked Oct 04 '13 18:10


1 Answer

Change

AccountPassword = "$password"

to

AccountPassword = $password

If you have quotes around the variable, it is taken as a regular string instead of a secure string. Proof:

$plainText = "Plain text"
$secureString = ConvertTo-SecureString $plainText -AsPlainText -Force
$quotedSecureString = "$secureString"
$plainText.GetType()
$secureString.GetType()
$quotedSecureString.GetType()

results in

IsPublic IsSerial Name                                     BaseType
-------- -------- ----                                     --------
True     True     String                                   System.Object
True     False    SecureString                             System.Object
True     True     String                                   System.Object

Benjamin Hubbard answered Sep 30 '22 02:09
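
The two quoting problems in this thread (the quoted SecureString from the answer and the "$lname.text" expansion from the question's edit), shown side by side as an added example that is not part of the original posts. The helper New-StudentUserParams, the stand-in text box objects and all sample values are hypothetical; the New-ADUser call is left commented out so the script runs without the ActiveDirectory module.

```powershell
# Constructed stand-ins for the form's text boxes; only the .Text property matters here.
# A real TextBox stringifies differently, but "$lname.text" goes wrong in the same way.
$fname = [pscustomobject]@{ Text = 'Jane' }
$lname = [pscustomobject]@{ Text = 'Doe' }
$dob   = [pscustomobject]@{ Text = '01022005' }   # constructed sample value

function New-StudentUserParams {
    # Hypothetical helper: builds the hashtable that is later splatted to New-ADUser.
    # The [securestring] type on the parameter rejects a quoted password at this point,
    # before anything is sent to the directory.
    param(
        [Parameter(Mandatory)] [string]       $GivenName,
        [Parameter(Mandatory)] [string]       $Surname,
        [Parameter(Mandatory)] [string]       $SamAccountName,
        [Parameter(Mandatory)] [securestring] $AccountPassword
    )
    @{
        Name            = "$Surname, $GivenName"   # plain variables expand as expected
        GivenName       = $GivenName
        Surname         = $Surname
        SamAccountName  = $SamAccountName
        AccountPassword = $AccountPassword         # no quotes: stays a SecureString
        Enabled         = $true
    }
}

$password = ConvertTo-SecureString $dob.Text -AsPlainText -Force

# What the quoted forms from the question actually produce.
$quotedPassword = "$password"       # ToString() of the object: its type name, as a String
$quotedName     = "$lname.text"     # expands $lname itself, then appends the literal ".text"
$fixedName      = "$($lname.Text)"  # subexpression evaluates the property first

'{0,-16} {1,-13} {2}' -f 'password',        $password.GetType().Name,       '(opaque)'
'{0,-16} {1,-13} {2}' -f 'quoted password', $quotedPassword.GetType().Name, $quotedPassword
'{0,-16} {1,-13} {2}' -f 'quoted name',     $quotedName.GetType().Name,     $quotedName
'{0,-16} {1,-13} {2}' -f 'fixed name',      $fixedName.GetType().Name,      $fixedName

$user = New-StudentUserParams -GivenName $fname.Text -Surname $lname.Text `
    -SamAccountName 'jdoe' -AccountPassword $password

# Guard for hashtables built by hand, where nothing enforces the value's type.
if ($user.AccountPassword -isnot [securestring]) {
    throw "AccountPassword is $($user.AccountPassword.GetType().FullName), expected SecureString"
}

# New-ADUser @user   # uncomment on a host with the ActiveDirectory module loaded
```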