In RoboForm 7 you had a User ID, Everywhere password, and Master Password. This has become very confusing for many users. We have simplified the process and also have increased security. Many believe that 2 is better than 1, but not with our new security.
RoboForm 8 uses SCRAM, the most modern and secure authentication scheme.
More info on the mechanism can be found here: https://en.wikipedia.org/wiki/Salted_Challenge_Response_Authentication_Mechanism
Here is how it works:
From the user side: (which is RoboForm application and the login form at the RoboForm Online site):
The entered password is never sent to the server directly, instead, it uses a hashed version of your password. The hash is salted with a challenge that keeps users protected from man-in-the-middle attacks.
At the server side:
Siber Systems "RoboForm Online Account" does not store your Master Password on our server.
Instead, a key is stored which can only be used to check the user authentication and cannot be used to obtain the Master Password.
In addition, SCRAM employs the PBKDF2 mechanism, which increases the strength against brute-force attacks.