SecureString is the type that's used for passwords in SharePoint 2007.  You might find its use when you are automating some "higher level" administration operation (like creating a web application for example).  How do you use it is shown below:

   1: private static SecureString ConvertString(string strPwd)
   2: {
   3:     if (strPwd == null)
   4:         return null;
   5:     SecureString strSecurePassword = new SecureString();
   6:     foreach (char ch in strPwd)
   7:         strSecurePassword.AppendChar(ch);
   8:     strSecurePassword.MakeReadOnly();
   9:     return strSecurePassword;
  10: }

The above method will return the type SecureString that we can pass to the calling application like below:

   1: SPWebApplicationBuilder oBuilder = new SPWebApplicationBuilder(SPFarm.Local);
   2: oBuilder.ApplicationPoolPassword = ConvertString("test");

SecureString finds its place when you deal with the following APIs:

SPFarm.Create

SPFarm.Open

SPSecurity.SetApplicationCredentialKey

SPEncryptedString.UpdateSecureStringValue

SPPeoplePickerSearchActiveDirectoryDomain.SetPassword

SPEncryptedString.SecureStringValue

SPProcessIdentity.SecurePassword

SPWebApplicationBuilder.ApplicationPoolPassword

SPRestoreSettings.FarmAdminPassword

SPMetabaseManager.ProvisionIisApplicationPool

PasswordTextBox.SecurePassword - this is a control.

These are the APIs that I could see uses SecureString, there might be others as well.  Just came across an automation scenario lately where I had to create multiple web applications and wondered how to I set the password of type SecureString.

Invested around 20-30 minutes of time figuring it out, so thought if I post this, it might as well be helpful to others :)

Keep hacking!