There are many ways to encrypt and store passwords, and developers sometimes find it difficult to figure out which method to use for a specific situation. The one I'm going to be talking about is for use with Windows applications.
When creating a Windows application, some developers, I have found, take the easy way out and store the password as plain text. That, obviously, is a very BAD idea, and those who do this should be smacked over the head.
Anyway, a cool and secure method that I found is to use the ProtectedData class (which uses DPAPI). Now, what does this class do? Well, it is used to encrypt data (obviously). However, what is unique about this method is that the data can only be decrypted by the same user account, on the same machine, that encrypted it.
Here is an extension class that I found which really helps with using the ProtectedData class.
Here's a simple example of how to use it:
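RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
// The salt length is not preserved on this page; 16 bytes is an assumed value.
byte[] buffer = new byte[16];
// Fill the buffer with cryptographically strong random bytes.
rng.GetBytes(buffer);
// Keep the salt: the same value is needed again to decrypt.
string salt = BitConverter.ToString(buffer);
string password = "mypassword";
// The salt bytes are passed to DPAPI as additional entropy.
string encrypted = password.ToSecureString().EncryptString(Encoding.Unicode.GetBytes(salt));
string decrypted = encrypted.DecryptString(Encoding.Unicode.GetBytes(salt)).ToInsecureString();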
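The snippet above calls four extension methods whose source does not appear on this page. One way to write them on top of ProtectedData, as an added example that is not the extension class the author refers to: the signatures are inferred from the calls above, and the class name, the Base64 encoding of the output and DataProtectionScope.CurrentUser are assumptions, the last chosen to match the per-user behaviour described.

```csharp
using System;
using System.Runtime.InteropServices;
using System.Security;
using System.Security.Cryptography;
using System.Text;

// Added example: signatures inferred from the usage snippet, not the original class.
public static class SecureStringExtensions
{
    public static SecureString ToSecureString(this string input)
    {
        var secure = new SecureString();
        foreach (char c in input) secure.AppendChar(c);
        secure.MakeReadOnly();
        return secure;
    }

    public static string ToInsecureString(this SecureString input)
    {
        IntPtr ptr = Marshal.SecureStringToBSTR(input);
        try { return Marshal.PtrToStringBSTR(ptr); }
        finally { Marshal.ZeroFreeBSTR(ptr); }   // wipe the unmanaged copy
    }

    // entropy: the salt bytes; the same bytes must be supplied to DecryptString.
    public static string EncryptString(this SecureString input, byte[] entropy)
    {
        byte[] plain = Encoding.Unicode.GetBytes(input.ToInsecureString());
        try
        {
            // CurrentUser scope (assumed): only this Windows account can unprotect.
            byte[] blob = ProtectedData.Protect(plain, entropy, DataProtectionScope.CurrentUser);
            return Convert.ToBase64String(blob);
        }
        finally { Array.Clear(plain, 0, plain.Length); }   // clear the plaintext buffer
    }

    // Throws CryptographicException on a different account, wrong entropy or a modified blob.
    public static SecureString DecryptString(this string encrypted, byte[] entropy)
    {
        byte[] blob = Convert.FromBase64String(encrypted);
        byte[] plain = ProtectedData.Unprotect(blob, entropy, DataProtectionScope.CurrentUser);
        try { return Encoding.Unicode.GetString(plain).ToSecureString(); }
        finally { Array.Clear(plain, 0, plain.Length); }
    }
}
```

ProtectedData is Windows-only; on .NET Framework it needs a reference to System.Security.dll, and on .NET Core and later it ships in the System.Security.Cryptography.ProtectedData package.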