I am currently working on an application ASP.net MVC5 hosted in Microsoft azure in which I need to stock numerous passwords. I think I can not use the hash because I need to be able to get the password. For the encryption/decryption of these passwords I thought to use the RijndaelManaged class which seems to be safe.
The problem is I do not know how to store the key for this encryption/decryption in order to have an application as safe as possible. I have seen several topics on that, but we see anything and everything. Should I stock the key in the implementation, in the database, in a conf file or in a blob azure (or something else) ?
There's really no safe way to store keys and have them accessible to a web app. That being said, the "safest" way is to use the Azure Key Vault. It's a FIPS-140 Level 2 certified HSM, and can perform crypto operations without your application needing access to the keys.
Of course, this only marginally improves security if your application can just request any decryption that it wants (if an attacker compromises the app, they can issue the requests themselves). But at the very least, the physical medium is protected, and you're shifting the actual crypto operations to a secure environment. It's also more likely to meet regulatory requirements, as opposed to storing keys raw in a config file.
A simple tutorial showing example code can be found here