The problem is that you need to sort out some form of "backing storage" to preserve login details once your app is closed. If you don't then unless you hard-code the users and their details into your application - and that's a very bad idea - then you will have to "teach" it the users anew each time.
The backing storage doesn't have to be a database - though that is the most usual method - you can use almost anything, including XML, CSV, or even flat text files.
Or even My.Settings (though this makes "sharing" user details between two or more PC's on a network a lot harder to do).
But the choice of backing storage isn't what makes it secure or insecure: how you store the data in that storage is what controls that.
If you store:
Smith, John, BigJohn, MyPasswordIsStrong!
Then it will always be insecure.
If instead you hash the password, and store the hash:
Smith, John, BigJohn, 479a49ed4105db89b429482a9c8355537210158740964554b636f86ed00ec91b
Then the password info is secure regardless of how you store it.
Have a look at this:
Password Storage: How to do it.[
^] - the code is in C#, but it's pretty obvious and and online
Code Converter[
^] can translate it to VB if you can't understand it.