I have a web application with a SQL database backend. The database has a [UserAccounts] table that stores [Username], [PasswordHash], and [PasswordSalt]. The web application creates the hash and salt (and authenticates). That all works as it should. No problem.
I would like to integrate a 2nd, desktop application with the database. This application would run more like a service or a scheduled task. What I need to be able to do, is authenticate a Username and Password every time this application executes. Since it will be running as a scheduled task (without user intervention) I need to be able to store a Username and Password locally (in a XML or INI file perhaps) that can be authenticated with the Username and PasswordHash in the database.
What is the best way to securely store a Password so that it is not in plain text? Or is there another/better way to accomplish what I need to do?
The desktop application is written in VB.NET.
Thanks in advance!