Holds a SecureString structure where the plaintext password is appended to. Once the password is completly appended it can be hashed and stored in protected memory, where only the running process has access to
The goal was to use ProtectedMemory for hash storage. Protected Memory encrypts data which is only accessible by this process, but this is not available on all platforms, so the workaround is to store the hash value in a secure string and convert it to byte[] once it is needed