MSS calls a user-replaceable module, dfhucryp.so, located in both $COBDIR/lib/es and /lib/es64, to perform encryption and decryption of user passwords. The installed module does not actually perform any encryption; that is, the encrypted password is the same as the unencrypted password. You can replace this module with one that implements a password encryption and decryption strategy appropriate for your site.
The source (dfhucry1.so) form is provided in $COBDIR/src/enterpriseserver/exit/. It uses the number of 1 bits in the user ID as a shift count and a pair of encipher and decipher tables.