We are preparing to deploy a Windows .NET client app that will make web service calls back to our central server. We've been given the requirement to validate that all calls made to the web service come from our client apps and not from any other caller. It's been proposed that we pass along a security token that is common to all installations of our application. However we now have this common string to secure within the application installation. Is there an effective way to reasonably protect such a string from being discovered by a hacker?We are preparing to deploy a Windows .NET clien