You can use the System.Security.Cryptography.PasswordDeriveBytes
class to generate a symmetric key from a password. The name of the logged on
user that is returned by System.Environment.UserName can
be used as the salt to the generated key. This ensures uniqueness of the key for
every user, even if passwords are the same for different users.
The password is used to both encrypt and decrypt form fields
and is not persisted within the form. The user is responsible for remembering
the password; if she forgets the password or if the data within the form is
tampered with, decryption will fail and it will not be possible to unlock the
form any more.
The technique demonstrated in this article can be used to
create self-contained secure password-protected InfoPath forms that provide
authentication, privacy, and integrity.