Bitwarden passwords not exported accurately

I use Bitwarden and I was exporting my passwords in an unencrypted format, what I noticed is the passwords are not correctly exported when they are downloaded.

I observed that if your password has a back slash " \ " or a forward slash " / " the export is adding more of these slashes \ which actually are not a part of the password. So this method is corrupting the actual passwords in the unencrypted format. FYI my export format is .json unencrypted

It would be interesting to know if someone has already experienced this. Thank you

Hi @Micheal - welcome to the Bitwarden community!

Those extra backslashes you are seeing are escape characters, and I believe they are necessary in the JSON format to re-import the file correctly.

I haven’t tried this myself, but if you need plain-text access to your passwords after they have been exported, I suspect the CSV export format might be your best bet.

1 Like

Hi @dh024

Thank you for the warm welcome

I understand we need escape characters but let me explain this with an example:

Original Password - J8dB2\kg/67
Json exported password - J8dB2\kg//67

escape characters like /n are used for new lines but in this case the password itself is getting altered. Ideally the system should consider everything in my “password” field unique and copy it as is right. Can this not be resolved somehow.

Great example, so you can see that if your password was s+hg7\n3!, then importing that data back into the vault would cause a line break to be inserted between the 7 and the 3. To avoid this, the password would be exported as s+hg7\\n3!, because later, the import algorithm will convert \\ to \ (actually, the first \ tells the import algorithm to interpret the second \ as a regular backslash character that is part of the password, and to not combine it with the n to make a new-line character). This procedure (adding and removing escapes) is what makes it possible to re-create the correct form of the password on import.

Because all “escapes” (\) that are added during the export will be removed during the import, no corruption of the passwords will occur.

The only possible problem is if you are displaying or printing the text version of the exported file, and using this as a reference or backup for your passwords — in that case, the escape characters may cause confusion, because they are designed to be machine-readable, not human-readable. If this is your use-case, I would recommend the following solution: export your vault in CSV format, then open the CSV file in Excel (or some other spreadsheet software) and print your file from there. When the file is imported into Excel, the escape characters will be removed.



Thank you very much for the detailed explanation, i will do the needful

1 Like