SEARCH

How-To Geek

How To Import Your Saved Browser Passwords Into KeePass

image

We have previously covered the security of saved passwords inside Internet Explorer and Chrome which lack browser specific master password protection. If this leaves you a bit wary and yearning to move or backup your passwords to KeePass (an open source dedicated password manager), this process is incredibly easily even if you have a multiple browser setup.

Exporting Your Current Passwords

As stated above, the overall process is very simple as it is just a matter of exporting your current passwords to a text file and then importing into KeePass. A utility which makes this a breeze is NirSoft’s WebBrowserPassView which displays saved password information from IE, Firefox, Chrome and Opera at the same time.

When you launch WebBrowserPassView, it scours your computer for browser passwords and displays any it finds. However, if you have a master password set on Firefox you must first enter it under Options > Advanced Options before these protected entries will appear.

image

Once all your password information is displayed, select all the entries and click the disk icon to save the selected items.

image

Enter a File name and for the Save as type, select “Comma Delimited Text File”. Note: There is an option for KeePass CSV, but this does not import correctly to the latest version of KeePass.

image

Importing Into KeePass

Once you have your passwords exported, importing this file into KeePass is an equally simple task.

First open your KeePass database or create a new one.

image

Under the File menu, select Import.

image

For the Format, select “Generic CSV Importer” and then browse to the CSV file you created using WebBrowserPassView above.

image

When the CSV import dialog opens, the default field mappings need to be adjusted according the format of our CSV file. Assuming the default column ordering in WebBrowserPassView was used, the correct mapping is shown below. You can match this setup by dragging the columns into the correct order.

image

Once you have finished the column order, click the Refresh button. The columns from the CSV file should now line up with their respective KeePass fields.

Click the Import button when everything is correct.

image

The imported entries will appear in the top/root level.

During the import, however, the CSV column headers are imported as an entry and should be deleted. This entry will have the User Name of “User Name”, a Password of “Password” and a URL of “URL”. Locate this entry and delete it.

image

That’s it. You now have all your browser passwords stored in KeePass.

If you want, you could now delete all your saved passwords from your browser and use KeePass for your password storage. Alternately, if you would like to continue to use your browser, you can “refresh” your KeePass entries at any time by deleting your existing browser passwords and re-importing them.

image

Delete the Plain Text CSV File

Important: When you are finished, don’t forget to permanently delete your CSV file by holding down the Shift key while you press Delete.

image

 

Download WebBrowserPassView from NirSoft

Download KeePass

Jason Faulkner is a developer and IT professional who never has a hot cup of coffee far away. Interact with him on Google+

  • Published 08/24/11

Comments (12)

  1. Evert

    One thing missing in this otherwise good article: Why should I switch from LastPass to KeePass? (or shouldn’t I?)

  2. Jason Faulkner

    @Evert – Like everything, it boils down to personal preference. Personally, I don’t like the idea of LastPass where all my passwords are stored on a remote server I don’t control. LastPass claims this data is encrypted but as we saw with DropBox (who could decrypt your data if compelled to do so), sometimes this isn’t the whole truth.
    I would rather secure my password data myself and KeePass is a great choice to do so.

  3. HAN

    @Jason Faulkner- 1st, thanks for the interesting article. :) But I felt I needed to respond to your comment on LastPass. LP says they use 256-bit AES encryption (which to my knowledge, has not been broken.) They have also said that they do not store a user’s master password. I have found no evidence anywhere that they don’t follow these statements. Therefore, they cannot decrypt a user’s password database. From my understanding, DropBox did not employ an encryption method anything remotely resembling what LP does. I don’t think the two can be compared on any level. That said, if the cloud storage that LP uses bothers one on a personal level, that’s something potential uses have to decide. FWIW, KeePass is an excellent program and if one can make good use of it to keep their passwords safe and organized, I am all for it!

  4. Andy

    @HAN – If you’re afraid of Dropbox not being 100% safe place to keep sensitive data (which is true) you can always place the data into TrueCrypt container. The drawback of this method is that you’ll be forced to upload the whole container after every single change made to the files inside, but hey, I don’t think this is too big price to be paid for security.

  5. Jason Faulkner

    @Han – I’m not disagreeing with you on the security measures taken by LastPass. My point is unless you work for LastPass you cannot be 100% sure how the data actually is protected. Call me paranoid, but I will take what I read on an about page about as serious as I do a privacy policy (i.e. subject to change at any time).

    As stated above, when you protect your data yourself (using KeePass in this case), you know exactly the level of security you get and are not dependent on someone else to protect it.

  6. Janey662

    I like RoboForm, i’d never use lastpass or keepass.

  7. Luis

    Does this work with the KeePassHttp plug-in? I alredy use KeePass with the extension on Chrome but I have to configure each account I want to store, exporting the whole data at once would be helpful

  8. Vaidya

    1. How do I use Keepass, if I have two computers.
    2. I was using Keepass for quite some time until one day, one of its file got corrupted. I could do nothing. How do I take back up of my password safe. How do I shift it to another computer.

  9. Art€

    An excellent article, thanks. I have been an avid user of Keepass. Which I use not only on all my computers, but also on my USB stick in my Port@ble Office. Any ‘sensitive’ file like the CSV file that you generated I would ‘shred’ with Eraser (portable) to ensure nothing is left behind. (I do this also with my Keepass database if I regenerate and export it to my USB stick).

    Great stuff.

  10. Damn Keepass

    I had keepass, and it was a mess, if you use it in on a USB stick, be really carefully, if you dont unmount the drive and just unplug, you will lose data and the keepass file will be corrupted! Happened to me 3 times and i moved back to roboform. Was a pain to get access to all my emails and so on.

  11. Jason Faulkner

    @Vaidya – You can use the portable version of KeePass and carry it on a USB drive with you (note the comments from some of the readers above regarding this).
    As for backups, you simply make a copy of your KeePass database file.

  12. Major Private

    I have been using KeePass for quite some time. Portable. Besides the fact that its not in the cloud, meaning all security is my responsibility, and I do not have to rely on any one else, coupled with the fact that you can take it anywhere (usb stick anyone?), I like the fact that the database file itself and the key could be anywhere on my PC. And not together. Further to that, as an aside, you can obfuscate the information inside – eg You can call an item Horse and put in under Network – you don’t have to actually state exactly what is for what – in reality a bank account. Backing up these files is crucial – and anyone who corrupts their usb stick isn’t really thinking. If no files are in use, yank it (i have for 5 yrs no problems) or use the Safely Remove Hardware. You can also encrypt your usb stick or get those hardware encoded password ones etc. Totally think KeePass is brilliant. I also think that for example, if you were traveling overseas and lost it, you would want a renamed copy of these files available online somewhere secure. And I also don’t have a problem for LastPass. Horses for courses. Cheers :)

Enter Your Email Here to Get Access for Free:

Go check your email!