Protecting the data in your app config, if you really want to be sure, means employing encryption with a key specific to your app, and storing the result in your config setting as a BASE64 encoded string.
Before writing the data, you'll have to use a text encoding to convert the text to an array of bytes. You then encrypt that array, then turn the resulting array into a base64 encoded string which you then store in your config.
Before inspecting the data, you'll have to decode the base64 encoding, decrypt the resulting information (a byte array), and then use the same text encoding to convert from the array of bytes to actual text.
If you really want to be a swine, you use an assymetric algorithm - encode with the private key, decode with the public key. That means that not only is the config data hard to read, it's IMPOSSIBLE to modify (because you don't give out the private key with your app - only the public one).