Network passwords are not physically stored in Equitrac DCE cache, instead an SHA256 hash value is stored in the DCE cache that is generated from the Username,Password pair. This hash value is calculated as one way hash, so it cannot be decrypted from the cache.
When the user logs in with offline CAS, the entered credential will be hashed and compared to the one stored in the cache.
We use Windows cryptoproviders, that is the recommended way by Microsoft, to make encryptions and hashes.
The stored DCE cache credentials are updated, when the CAS gets online.
So, old credentials, usernames and passwords, stay valid in the cache while the CAS is offline.
If it is needed, DCE offline support can be disabled from System Manager.