I saw this great post on encrypting your data using Windows Phone 7 by Rob Tiffany.
Rob makes several great points, including how easy it is to accomplish this task in Windows Phone 7.
Keep in mind that not only passwords and connection strings should be encrypted - anything that your application uses that may be sensitive to your application or company's way of doing business may be a candidate for encryption. That being said, just because you *can* encrypt everything, doesn't mean you *should* -- if the data is publicly accessible on your website and your app is just an extension of it, don't encrypt it - get the performance "boost" by not encrypting it.
Also, remember that encryption = processor time = chewing up the battery. The less work that the processor on your device has to do to pull the data out, the longer your device's battery is going to last!