Secure Solution: Do not store a hashed password on the disk.
Steps:
- Have the user input a password at runtime for the database.
- Hash the password. (use SHA-256)
- Use the hash to derive a symmetric 256-bit key. (or use hash directly as the key)
- Use the 256-bit key to encrypt/decrypt the database file on the disk. (use AES algorithm)
Pro: Database encryption key is generated at run-time and never stored on the disk (only in memory).
Con: Encryption and key derivation becomes implementation specific and time consuming to implement.
You get to decide whether the required security for the application is worth the time to implement the security protocols correctly.