ORA-01017: invalid username/password;logon denied

There were other similar questions asked, but none that were able to tell me why I can't connect using a C# .NET web site I've stood up. While I know this forum is more for DBAs connecting to databases using tools and not so much troubleshooting apps connecting, I thought I'd give it a shot posting the question here.

The web site works/connects from my workstation when ran from Visual Studio, but when I publish it to the server, it gives me the ORA-01017: invalid username/password;logon denied error, even though I can connect via everything else with the same account/password. Situation:

1. I can connect using Oracle SQL Developer, SQL*Plus just fine with the account I'm using… let's call it "myaccount".
2. Using Net Manager, I can expand "Service Naming" and see the entries from my tnsnames.ora.
   a. The same string that exists in tnsnames.ora/Service Naming area, exists as a hard-coded string in my application, with the exception of things like the host name, service name, port, user name, and password, which are passed-in as parameters from my web.config.
   b. I can click a connection name and everything appears correctly, and clicking "Test Service" > "Change Login" > enter "myaccount" and password > click OK > click "Test" succeeds.
   c. I have double-checked my parameters in my web.config – nothing has changed since the web site ran on my local workstation.
3. tnsping CONNECTION_NAME succeeds.
4. Environmental variables are the same on both computers, as are the Oracle client locations.
   a. ORACLE_HOME = C:\oracle\product\12
   b. PATH = C:\oracle\product\12\bin; …..
   c. TNS_ADMIN = C:\oracle\product\12\network\admin
   d. Registry entry added to HKLM\Software\Oracle\KEY_OraClient12Home for TNS_ADMIN = C:\oracle\product\12\network\admin
5. I've tried the ALTER SYSTEM SET SEC_CASE_SENSITIVE_LOGON = FALSE; command and reset the password, just in case that was the issue. I tried connecting with all-caps versions of myaccount and its password, as well as all lower-case versions of both (lower-case on both is how I had it originally when it worked on my workstation).
6. The account has a PASSWORD_VERSIONS of 10G and 11G – I don't know if it matters that I'm using a 12c client and 12C is not there. Main difference between the server and my workstation is I only have the 12c client on the server – I have 10g, 11g, and 12c on my workstation. I was going to try using the 11g ODP.NET assembly, Oracle.DataAccess.dll, but my code won't compile (I get "Could not load file or assembly 'Oracle.DataAccess' or one of its dependencies. An attempt was made to load a program with an incorrect format.".), even after changing the namespace from using Oracle.ManagedDataAccess.Client to using Oracle.DataAccess.Client.
7. Attempted passing in the password with quotes around it and without–both methods worked on my Visual Studio instance, just not on the server.
8. If I deliberately put in a totally bogus password, and run the site on the server enough times, it will lock the account, so I know it's connecting to the database.

Running out of things to try… any help/suggestions would be appreciated.