First create an AES key and output it to a file. (reference here)
    $KeyFile = "C:\ps\s\AESKey\AES.key"
    $Key = New-Object Byte[] 16   # You can use 16, 24, or 32 for AES
    [Security.Cryptography.RNGCryptoServiceProvider]::Create().GetBytes($Key)
    $Key | Out-File $KeyFile
Second, use the AES key we created in the first step to encrypt the password and output it to a file.
    $PasswordFile = "C:\ps\s\AESKey\pwd.txt"
    $KeyFile = "C:\ps\s\AESKey\AES.key"
    $Key = Get-Content $KeyFile
    # Single quotes keep PowerShell from expanding $$ inside the password string
    $Password = 'Y0urS3curePa$$w0rd.' | ConvertTo-SecureString -AsPlainText -Force
    $Password | ConvertFrom-SecureString -Key $Key | Out-File $PasswordFile
Now you have a password file that can only be decrypted with the key you created in the first step.
Here is a snippet showing how to create a PowerShell credential from the encrypted password and use it to launch another process.
    # Use the password file and key created earlier
    $User = "DOMAIN\AdminUser"   # placeholder: the account the password belongs to
    $Program = "notepad.exe"     # placeholder: the program to launch
    $MyCredential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $User, (Get-Content $PasswordFile | ConvertTo-SecureString -Key $Key)
    # Launch another process with a different credential from the user's PowerShell session.
    # This is useful if the user only has normal rights and the process needs a credential that has admin rights.
    Start-Process powershell.exe -Credential $MyCredential -WindowStyle Hidden -ArgumentList "Start-Process $($Program) -Wait -ErrorAction SilentlyContinue"
Please take steps to protect that key file! Anyone who can read it can decrypt the password file.
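One way to protect the key file is to restrict its NTFS permissions to a single account. The following is an added example, not part of the original post; it assumes the `$KeyFile` path used above, that it is run by the file's owner, and that only the account running it needs to read the key.

```powershell
# Added example: lock the AES key file down to a single account.
$KeyFile = "C:\ps\s\AESKey\AES.key"   # path used earlier on this page

# Assumption: only the account running this script needs to read the key.
$Account = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name

$Acl = Get-Acl -Path $KeyFile

# Stop inheriting permissions from the parent folder and drop the inherited entries.
$Acl.SetAccessRuleProtection($true, $false)

# Remove any explicit entries that are already on the file.
foreach ($Rule in @($Acl.Access)) {
    [void]$Acl.RemoveAccessRule($Rule)
}

# Grant read-only access to the one account and write the ACL back.
$ReadRule = New-Object System.Security.AccessControl.FileSystemAccessRule($Account, 'Read', 'Allow')
$Acl.AddAccessRule($ReadRule)
Set-Acl -Path $KeyFile -AclObject $Acl

# Check: report any remaining entry for an identity other than the intended one.
$Unexpected = (Get-Acl -Path $KeyFile).Access |
    Where-Object { $_.IdentityReference.Value -ne $Account }
if ($Unexpected) {
    Write-Warning "Key file is still accessible to other identities:"
    $Unexpected | Format-Table IdentityReference, FileSystemRights, AccessControlType
} else {
    Write-Output "Only $Account has access to $KeyFile"
}
```

Local administrators can still take ownership of the file and read it, so the ACL limits exposure to ordinary accounts rather than removing the need to control who administers the machine.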