I have an application, that (per the design specs given to me by my boss) must verify users domain login password on startup. The startup form is a simple username / password form and I am using the LogonUser API to verify the username and password provided.
After calling LogonUser, the returned token is set the nothing, the password and username textboxes are cleared, the login form is disposed, and the main form of my application is loaded.

The question I have is, Does this protect the users password?

On MSDN's LogonUser page it states:
"When you have finished using the password, clear the password from memory by calling the SecureZeroMemory function"

... but I cannot find any example of this function being used in anything but C++, and a VB.Net LogonUser sample I found on MSDN does not zero the memory, so is clearing the textboxes and disposing the form enough?