It looks like the method for verifying the cookie bbpassword is:

MD5([database value for password] . [license #]) == $_COOKIE['bbpassword']

My question is where is the license # stored? I didn't seem to find it in the DB

It is not stored in the database, but hardcodeed into the vB files when you download it from the members area.