Filr supports authentication using IDs and credentials that are validated with the LDAP identity source from which they were provisioned. The credentials from these LDAP providers are cached within Filr, but they are never really synchronized from the LDAP provider.
Local users that are not provisioned via LDAP have their local credentials stored in Filr. These credentials are secured, encrypted, and protected.