I want to make backup by exporting my vault but only json file can be encrypted via bitwarden export option and my question is, if JSON encrypted file is possible to import to another password managers or any other option to open it after idk few years but NOT USING BITWARDEN??
If you are selecting the option to create an encrypted .json of the password-protected type (not the account-restriced type), which you can do in the Web Vault app (or using the CLI), then you will be able to decrypt it using the BitwardenDecrypt tool (a third-party utility that is not affiliated with Bitwarden). However, this utility will output an unencrypted file that uses the JSON format, which is not very convenient for importing into other password managers (most password managers expect import files to use the CSV format).
The easier solution would be to import the password-protected JSON export back into Bitwarden (using a new account if you have lost access to the original account), and then export as a plain-text CSV, which you can import into any other password manager.
Is there a reason why you don’t want to use Bitwarden to convert the backup file to CSV format?
Just thinking having encrypted with password json is safer than easy to open csv, even if i want put that .json to my bitlocked pendrive.
Maybe im thinking too far in future and im not sure what will happen with bitwarden after years… That’s why wanted have option to import it just in case.
Perhaps i should just export it in CSV and move it on my pendrive with bitlocker. But still prefer double encrypted, file + pendrive
Bitwarden is open source, and has millions of users. You can be assured that if something were ever to happen to Bitwarden the company, the open-source community would quickly respond with the following:
A project that replaces Bitwarden, and that will be fully compatible with your existing vault (e.g., you would be able to import the password-protected JSON file directly into the replacement apps). Vaultwarden is one such alternative that exists currently, but if Bitwarden ever goes under, more such projects will sprout up overnight.
A wide variety of free, open-source utilities that decrypt password-protected JSON exports and convert them into CSV format, or into formats that are native to other password managers (e.g., .kdbx, .1pux, etc.). Currently, the only available utility is BitwardenDecrypt, but that is simply because there is little demand for this type of decryption utility when Bitwarden is still in existence.
I may be in the minority here but I prefer to export my data vault UNECRYPTED in both json and csv format so I have both easily available should the need arise.
Here is where I leave the thread trail in its current form ------ I always export directly into a virtual drive, which of course is highly encrypted, and is designed ONLY to hold my data vault. Once the export is finished and it only takes a few seconds, my virtual drive is closed so data is totally secure. But its easily available and also simple to make several backup copies. Never less than three on this end. LOL!
@OpSec We may have discussed this already in a different thread, but which app & OS are you using to do the exports, and what method are you using to prevent Bitwarden from storing temporary files in an insecure (i.e. non-encrypted) location? Just specifying the destination using “Save As” is usually not sufficient.
I might have added some confusion by using the word “directly” in my post above. I use ONLY linux for all operations however its a two step operation. Its fully true that my vault data is stored only on encrypted virtual drives. I will now describe how the data gets into that vault. I use a specific linux VM for this purpose. The VM is very CLEAN and snapshot backups keep it that way. The BW data vault is exported to an encrypted drive on my VM. Once that virtual drive is closed, and thereby BW data locked in encryption, I copy the virtual drive (around 250 meg) to other media. I then restore the clean snapshot backup thereby removing any and all VM OS tracks that have been made during the export.
I am almost certain my construction will not allow any breakout of the VM and any activity within it are constantly removed via snapshot and Bleachbit control mechanisms.
This probably seems like overkill but I work inside linux VMs all day long. My systems are already running in this mode. I am not saying I would create this setup simply for the purpose of backing up BW vaults.
I know we/I could debate how bare metal users might export a vault without exposing a “trail” within their OS. I can mentally devise ways to do that, but candidly I no longer bother with that. Its fully secure to simply blow away the entire OS activity with a VM snapshot. In my mode if you are “tin foil” regarding the idea of a trail in your OS, this method takes the hat off, LOL!!