A Technical Blog, originally posted at http://www.csharphacker.com/technicalblog/index.php/2010/01/21/who-knows-of-the-net-secure-strings/
While SecureString is certainly not a new kid on the block, it is often overlooked by .Net programmers that are programming applications that deal with sensitive data (think PCI, KeyManagement, Passwords, Credit cards, etc.)...
DPAPI and Triple DES: A powerful combination to secure connection strings and other application settings
Extending ASP.NET role based Security with Custom Security Module (Permission Based, Page Level Authorization)