First off, to make sure the password is "secure" while in memory in the .NET application, you should be using the securestring datatype instead of just a string.

You can then use calls in the system.runtime.interop.marshal class like SecureStringToBSTR (there are others too) to marshal the securestring datatype over the the unmanaged native type used by the LogonUser function.

There are also methods for clearing out the marshaled types in the marshal class like ZeroFreeBSTR

However if you still need to make a native call to SecureZeroMemory, then why don't you just import it using a Win32 declaration like you are already doing for the logonuser api call?