I have a similar situation in mobile software we use, we use the following approach:
- The first login on the device needs a connection to verify credentials.
It will store the last used username and a hash of the password locally.
- The next login, using the same username will hash the entered
password and compare it with the local one. If they match, the user
is logged in without the need of an internet connection. If it fails the
user gets two more attemps, at which point the software asks to verify
the credentials through the master server.
- The next login, using a different username will always use
an internet connection to verify. And if it succeeds, it will follow
step one again.
Obviously, you need to be aware of the fact that this approach is vulnerable to a brute force attack. There is no way you can prevent a hacker from doing a lot of attemps. You can only try to slow them down (using a slow hashing algorithm and other nags). If you are really worried about such attacks; using a connected login verification method is your only way to go.
There are other things to consider by the way. Is the device connected frequently or really infrequently? Do a lot of different users login on the device while a connection is not available? Answers to such questions could lead you to a single login implementation.