|1. Whatever encryption you applied would have to be reversible without outside intervention, so your users will still be able to see the password.|
2. Networked resources have associated credentials, and credentials have an associated user. That means mapped drives are per user, and not per workstation. Look into logon scripts.
3. This is true. The solution is AD.
If you just want to give your users access to a network resource, the easiest way is to enable the Guest account and give that account access to the share in question. The clients will fall back to the Guest account, which has access to the resource, they can get their work done, and you can drop any pretenses of security.
The other option is to set up identical accounts on the server in question, and have the users set their password to be identical to their real account. They'll have to manually keep the passwords in sync.
How To Ask Questions The Smart Way