With over 33 million users, LastPass is undeniably popular. However, in light of recent security breaches where encrypted password databases were taken, many users switched to a different password manager.
The recent incidents have taken a toll on LastPass’s standing. These security breaches were alarming, and the discovery that hackers had managed to take user data, both encrypted and unencrypted, further stained its image.
Moreover, in 2021, LastPass scaled back its free tier, adding to users’ complaints. These incidents have sparked concerns about data security, leading many to consider migrating their passwords from their LastPass accounts to Bitwarden.
If you are trying to switch to Bitwarden from LastPass and don’t know how to, this post is for you. This article will guide you through switching your password database from LastPass to Bitwarden.
Why are people leaving LastPass?
In August 2022, LastPass experienced a security breach when an attacker accessed the company’s source code through a compromised developer account.
Fortunately, this attack did not result in compromised vault data or master passwords, and users were not required to take additional measures. Despite the magnitude of the breach, the overall impact was limited, which could be viewed as a silver lining.
However, less than five months later, LastPass suffered another security incident. In this instance, an attacker exploited information from the August breach to infiltrate LastPass’s internal systems.
Users’ details were revealed, including email addresses, phone numbers, and IP addresses. Moreover, LastPass admitted that the hacker had gotten a copy of an encrypted backup containing user passwords, website usernames, and autofill data.
While the passwords remain secure, unencrypted URLs are among the stolen data unless the hacker can break the encryption. These URLs could contain sensitive information like account tokens, API keys, and credentials.
Why choose Bitwarden?
Among the many password managers that have sprung up over the years, Bitwarden stands out as a reliable and trustworthy choice. However, it might be slightly more technical than LastPass and possibly less user-friendly.
There are several reasons why Bitwarden outperforms LastPass. For one, it offers free personal use, a significant advantage.
Even though there is a premium plan that provides extra features like advanced two-factor authentication and emergency password access for friends and family, it’s not necessary to pay to store and synchronize your entire password vault across all your devices.
If you opt for the added features, the premium plan is a reasonable $10 per year. Bitwarden provides apps or extensions for all major browsers, mobile platforms, and computer operating systems. Furthermore, Bitwarden’s open-source, local data storage capabilities and track record of never being hacked give it an edge.
Bitwarden’s security settings are also highly flexible. It supports various two-factor authentication methods to safeguard your passwords from unauthorized access.
How to switch to Bitwarden from LastPass?
The process is relatively straightforward. It is recommended to use a computer or laptop for this purpose. Attempting this transfer might not work properly or at all on a mobile device. Here’s a simple step-by-step guide on how you can make this switch.
Step 1: Export passwords from LastPass
Your journey from LastPass to Bitwarden starts with exporting all your data – passwords, notes, card details, and other information from LastPass. Thankfully, LastPass offers a feature to export this data into a .csv file.
- Log in using your LastPass account, which will take you to the LastPass vault.
- Look for “Advanced Options” in the options list on the left and click on it.
- From the menu that appears, select “Export.”
- You’ll get an email with the file link. Open the email and click “Continue export” to proceed. Your LastPass vault data will now be downloaded onto your system in a CSV file.
You’ve successfully exported your data from LastPass. When you open the file, you’ll see all your passwords, addresses, saved cards, and other data displayed in Excel.
Step 2: Create a Bitwarden account
With your LastPass data exported, it’s time to create your Bitwarden account.
- Start by visiting the Bitwarden website. Select “Get Started” from the top menu.
- Enter the email address you wish to associate with this account, followed by your master password. Tick the box to indicate your agreement with the terms and conditions, and then click the “Create account” button.Ensure to set a Master Password Hint during your Bitwarden setup. Given the rigorous encryption, forgetting your Master Password can lead to permanent account lockout. The hint acts as a vital reminder, providing helpful cues to recall your password without compromising security. Implementing this step is crucial for maintaining secure, continued access to your account.
- Verifying your email address immediately is advisable, click the “Send Email” button.
- Go to your email account and click the blue “Verify Email Address Now” button to finish the account creation.
You have successfully set up your Bitwarden account and are one step closer to completing your transition from LastPass.
Step 3: Importing data from LastPass to Bitwarden
After setting up your Bitwarden account, importing your data from LastPass is the next step. This must be done via the web vault or Command Line Interface (CLI), ensuring your data is encrypted locally before being sent to the server for storage.
Doing it via web vault is straightforward and requires nearly no technical knowledge. So we are only discussing the preferred web vault method here. Here’s how you import your data:
- Start by logging in to the web vault at vault.bitwarden.com. If you’re self-hosting, go to your.bitwarden.domain.com.
- Select “Tools” from the top navigation bar.
- Select “Import Data” from the side menu.
- Select the file format you want to import using the format dropdown menu. Remember, we imported our LastPass passwords in a .CSV file.
- Click on “Choose File” and upload the file to import.
- Once the file is selected, click on “Import Data” to initiate the import process. If you’re importing a password-protected .json file, you’ll be prompted to input the password in the “Confirm Vault Import” window that appears.
Data file will be downloaded to your computer. Delete the source file from your computer once your data has been successfully imported. This precaution safeguards your information in case your computer gets compromised.
Note: Additional items such as file attachments, sends, trash, and password history must be manually uploaded to your vault.
File size import limitations
While importing your data to Bitwarden, there are certain limitations on the import file size. Your import might be declined if it exceeds any of the following constraints:
- Your import contains more than 6,000 items.
- Your import comprises more than 1,000 folders.
- Your import includes more than 1,000 collections.
- Your import presents more than 6,000 item-folder associations. For instance, if a single item is placed in 3 folders, it would be considered as having 3 item-folder associations.
- Your import has over 6,000 item-collection associations. Similarly, if a single item is part of 3 collections, it would have 3 item-collection associations.
Please ensure to abide by these size limitations while migrating your data to Bitwarden for a smooth and error-free import process.
Step 4: Install the Bitwarden browser extensions and apps
Now that you’ve successfully imported your data into Bitwarden, the next step is to install the Bitwarden extensions and apps. These will enable Bitwarden to autofill login details for websites and apps. Bitwarden offers extensions for the following browsers:
- Google Chrome
- Microsoft Edge
- Tor Browser
Additionally, Bitwarden provides apps for various platforms, including Windows, Android, macOS, iOS, and even Linux. You can download these from their respective app stores or directly from the Bitwarden website.
Step 5: Deleting the Last Pass account?
After successfully importing your passwords into Bitwarden and confirming that it works well for you, you no longer need your LastPass account. If you’re certain about this, it may be wise to delete the LastPass account.
Ensure all necessary data is imported to Bitwarden before deleting your LastPass account. Also, remember that this action is irreversible – once deleted, you cannot recover any data from your LastPass account.
Read our complete and comprehensive guide on how to delete and uninstall your LastPass account.
Import your form fills into BitWarden (Optional)
LastPass doesn’t include form-fill data in the standard export from the web vault. If you’d like to import this information into Bitwarden, you’ll need to export the form-fill data as a CSV file from the LastPass browser extension. Please note that form-fill data can only be exported using the browser extension.
Here’s how you do it:
- Click the LastPass icon on your browser toolbar to open the LastPass popup interface.
- Navigate to “Advanced” -> “Export.”
- You’ll then be redirected to a page requesting your LastPass master password for verification. Please enter your LastPass master password and click “Continue.”
- Your form-fill data will be decrypted and displayed on the screen in CSV format. You can download this file on your PC.
After successfully exporting your form fill data, you can import it into Bitwarden. Just follow the same steps outlined in Step 3 in the previous section.
What to do if you get errors while importing to Bitwarden?
Importing a CSV file into Bitwarden could fail depending on the passwords or other data. Here are some possible errors and how to fix them:
Data is not formatted correctly
If your passwords include special characters, they might be converted to their corresponding HTML codes while exporting CSV files. For example, the character “&” may change to “&.”
To prevent potential issues, reviewing all such codes in the CSV file and replacing them with the correct special characters is crucial. This ensures your passwords remain accurate when imported into Bitwarden.
The field exceeds the maximum encrypted value length
When importing data into Bitwarden, if the length of an encrypted value (typically 30-50% longer than the original value) exceeds 10,000 characters, Bitwarden won’t be able to import the data.
This issue will prompt an error message that reads: “Index number,” “Vault item type,” “Name of item“: The Field “Field name” exceeds the maximum encrypted value.
To resolve this, locate the entry with the specified index number and reduce the length of the problematic item so that it is less than 10,000 characters in the given column. By doing so, you should be able to successfully import your data into Bitwarden without encountering this error.
Migrating from LastPass to Bitwarden, while seemingly complex, can be simple with this guide. Be mindful during data export and during your Bitwarden setup to avoid potential errors. Once you’ve successfully migrated and tested Bitwarden, consider deleting your LastPass account to ensure your data isn’t left on an unused platform.
Ultimately, the switch isn’t just about changing your password manager, but enhancing your overall digital security. With this change, you’re taking a significant step towards personal digital safety in our increasingly interconnected world. Enjoy the peace of mind that Bitwarden can offer.