Thanks. Hadn’t thought of the security issue about my address. And for elevating my “trust level.”
I’m thinking that the trouble involved in isolating the changed passwords in the existing vault is probably more work than re-doing them individually as they come up. Setting up Bitwarden correctly from the beginning will, I hope, save me way more trouble than either.
OK, well, in that case, please start by following the instructions I had linked above to create a .csv file export of your Lastpass vault data. Review the contents of the .csv file to ensure that it includes all of the logins that you had stored in your Lastpass vault.
Also, please let me know if you use Excel, or any other spreadsheet software, which can open .csv files and display them in a grid format.
This isn’t your problem, but I’ve now been through this three times and neither option, New experience or Previous experience, matches what I find. On the LastPass browser app, there is no Account tab, rather there is an Account Settings one, and there is no Account Options tab, there is an Advanced Options one. Nothing under Account Settings about exporting. Under Advanced Options there’s an export button, which, after a number of steps, gives me access to a .php file that looks like a .csv format; when I open it with LibreOffice gives me a spreadsheet which I’m pretty sure include sall the items originally saved in LastPass.
It’s a Lastpass problem, evidently.
It sounds like you are using the Lastpass Web Vault, and not their browser extension. For some users, the Web Vault export will print the CSV export data on the screen by displaying a webpage called export.php in the browser. Please note that Bitwarden has issued the following warning for Lastpass exports performed using the Lastpass Web Vault:
Warning
Some users have reported a bug which changes special characters in your passwords (
&,<,>, and so on) to their HTML-encoded values (for example,&) in the printed export.If you observe this bug in your exported data, use a text editor to find and replace all altered values before importing into Bitwarden.
If you copy and paste the information from the screen into a text file, and don’t see any evidence that special characters have been converted into HTML codes, then you could save the text file using the name export.csv, and we could proceed from there.
Personally, if it were my data, I would probably install the Lastpass browser extension temporarily, to ensure that I could get a proper .csv file export without corruption of special characters.
Hm. I thought I was using the browser extension, but that sure sounds like what I got. I’ll make sure to install the extension and try again. One of my main problems is that I’ve never been clear about what were the differences between the browser extension and the desktop app, and which I should be using.
OK, I’ve downloaded the lastpass Chrome extension, and exported the data. Now what? Is there a site where I can find the instructions so I don’t have to keep bugging you?
I’m wondering if it would make sense to do this:
Creating a JSON and CSV export of your Bitwarden vault was a good idea, and you may be able to use the JSON file and/or the output of Step #3 to identify vault items that you had added or updated since the original import.
I believe that the original import into your Bitwarden vault did not go as it should have, so I think it is best to start with your new Lastpass export and do the import properly after first purging your vault (instead of tinkering with data you have exported from Bitwarden). However, as noted above, you may then be able to recover some of the changes that you had made after first setting up your Bitwarden vault.
To purge your vault, log in to the Web Vault , click your profile icon (in the top right) and go to My Account, then scroll down to the “Danger Zone” and click Purge Vault. You might want to wait to do this until just before you are ready to import your cleaned-up data, though.
Let’s have a look at the .csv file that you exported from the Lastpass browser extension. Could you answer the following questions?
url, username, password, totp, extra, name, grouping, fav (no more, no less)?I’ll await your responses before providing further guidance. In case you wish to forge ahead on your own, without waiting for further instructions from me, my plan is to guide you through the process of “conditioning” your .csv file (which you can read about here), and then have you purge your vault and use the Bitwarden Web Vault Import Tool to import the conditioned CSV using the Bitwarden (csv) format.
I also have some ideas for how to find your recently modified items by using your JSON export, but I may need to test my idea first.
Thank you for this. I’m going to need to think about it and especially to work on those three questions – but it’s late here and my brain is shorting out. I have commitments tomorrow morning, so this is going to wait about 14 hours before I get back to it. I also want to read that link about “conditioning” the .csv file. I’m grateful for the time and thought you’ve already put into this. I had been on the verge of giving up on Bitwarden, expecting I’d gone so far wrong that I’d never be able to straighten out.
Finally, a chance to come back to this. I had thought I’d found a way to edit the exported .csv from Bitwarden to quickly delete all the duplicates (sort the file on the column with passwords – there were none in many of the files that were duplicates – delete them all, then resort by the name. But looking at rhe result there are still a significant number of duplicates, so I’m not sure there’s a point in trying to purge the vault and replace it with that file.
Going back to your plan, then. Yes, the headers in the exported LastPass data are as they should be. There are 130 rows of data, but it appears that I have 127 items in the LP vault. It appears to me that two of the data rows are corrupt: the URL is incomplete and there is irrelevant data in the “extra” column. The “totp” column has nothing in it.
I’ve read – really, looked carefully at – the instructions for “conditioning” a .csv file and I’m pretty sure they’re above my pay grade. My inclination is (after purging the vault) to import the file from LastPass as is, and deal ad hoc with any changes that I’ve made since I stopped using LP.
There are a number of rows in the .csv file that represent items that I no longer need; I’m assuming that if I delete them it will not render the file unusable?
I’ll watch for a response to this before I go ahead. Again, thanks for the help you’ve already given me.
Agreed. Do hang on the the JSON export that you made from your Bitwarden account (assuming you selected the unencrypted JSON format), as we may be able to use this later.
Are you saying that every column in the Lastpass .csv file has data in it, except for the totp column?
Can you give me some examples (or descriptions) of the type of data contained in the columns grouping, extra, and fav?
You can delete the rows that you don’t want to import (including the two corrupted rows), as long as you eliminate these rows completely, and don’t just create blank rows interspersed with the rows that you are keeping. (Although if you do create blank rows, that is a problem that should be solvable by sorting the rows, so it’s not a major issue.)
Please don’t do this. The next steps are very simple, and I am happy to provide detailed instructions. I only provided the link the to documentation about data conditioning because I had a sense that you might prefer to forge ahead without having to wait for my responses.
I will give you the required instructions after I receive your response to the two bulleted questions above.
Some quick responses:
Yes. The totp" column is empty. The “grouping” column has entries such as “News/Reference,” “Productivity Tools,” Email," “Social,” etc. The “extra” column has five entries; each looks like a note I made at some point, e.g., “Added manually,” or “used to be” and a changed password. The fav" column has only one entry, “Entertainment,” which looks as though it should be in column G, “grouping,” because in the column to the right it has the only 0, where I’d have expected it in column G. That row is for “http://www.spotify.com,” which I never have used. It, like a number of other rows, are ones I’d delete if that wouldn’t make the file unusable, and I think you’re saying it wouldn’t.
OK, I’m looking for the detailed instructions.
One more question: Do you have any rows in which the url column has a value like http://sn?
I had two. But to be sure I’ll need to download the file again, as I’ve deleted those rows (both were sites I’ve not used and had more information in one cell than would fit in one regular sized row). If it’s important to know this I’ll download the vault to .csv again.
The Lastpass entries that start with http://sn are so-called “Secure Notes”. Bitwarden can store such items, as well, and can be made to import them if needed. However, the process for importing Secure Notes from Lastpass is a little more involved than importing login password. Thus, if you no longer need the Secure Notes from your Lastpass vault, then you can just delete those rows from the exported .csv file. If you would like to keep those Secure Notes and store them in your Bitwarden vault, then we should probably deal with those data separately, so for now, please delete any remnants of the http://sn items from your .csv file.
Also, do delete that Spotify row.
In addition, please check that there are no rows that had data in Column I or higher.
I need to get something to eat, but I will return shortly with instructions for data conditioning.
Have deleted the Spotify row. There are a few others that I’m pretty certain I’m never going to use (would have deleted them from LastPass if I’d stopped to figure out how). I’m going to be away from the keyboard for a bit now in any case; I’ll look for further instructions ASAP.
OK, here are your instructions…
Modify the column titles of your .csv file, by making the following changes in the first row of Columns A–H:
url to login_uri (all-lowercase);username to login_username (all-lowercase);password to login_password (all-lowercase);totp to login_totp (all-lowercase);extra to notes (all-lowercase);grouping to folder (all-lowercase);fav to favorite (all-lowercase).
Then, create three more columns, by entering the following column titles in the first row of your .csv file:
1 of Column I, enter fields (all-lowercase);1 of Column J, enter reprompt (all-lowercase);1 of Column K, enter type (all-lowercase).
Finally, for each row (starting at Row 2) that has an non-empty entry in Column A, enter the value login (all-lowercase) in the column named “type” (Column K).
Save the .csv file.
Follow the steps below to purge your Bitwraden vault and import your conditioned data:
Log in to the Web Vault.
Click on the account profile icon in the upper right corner, and select “Account Settings”.
Scroll down to the section titled “Danger Zone”, and click on “Purge Vault”.
In the pop-up window, enter your master password and click “Purge Vault”.
Log out and log back in to the Web Vault. Confirm that the vault is completely empty.
Click “Tools” in the top navigation bar, and then click “Import data” in the lefthand navigation menu.
Under “File Format”, select “Bitwarden (csv)”.
Click the Choose File button, then select your .csv file in the file picker, and click “Open”.
Click Import Data, and wait for the success message (which will say that “A total of N items were imported”, where N should be the number of items in your .csv file), then click “OK”.
Click on the account profile icon in the upper right corner, and select “Account Settings”.
Scroll down to the section titled “Danger Zone”, and click on “Deauthorize Sessions”.
In the pop-up window, enter your master password and click “Deauthorize Sessions”.
Log back in on all of your apps.
Thank you. This is amazing. It’s late enough here that I’m going to wait until tomorrow to edit that .csv file. I’ll report back when I’ve gotten through all that successful (or messed it up by doing something dumb).
Assuming all goes well with the import, here is something you can try to recover some of the updates you had made after your original import.
First, right-click on the Windows icon at the left side of your taskbar, and click “Windows PowerShell”:
In the Windows PowerShell window, type cd "", then use the left arrow key ← to backspace exactly once, placing the cursor in-between the two double-quotation marks:
Now, use Windows File Explorer to navigate to the folder where you have saved your .JSON export. To make some of the following steps easier, rename the export to bitwarden_export.json.
Click in the address bar of Windows File Explorer to select the contents of the address bar (which should be the path to the current folder), and click Ctrl+C to copy the path.
Left-click one time on the Windows PowerShell window, and then right-click once. This should paste the path you had copied in between the two double-quotation marks in the expression cd "" (i.e., the path string should now be enclosed between the quotation marks). If all looks good, hit Enter.
In the Windows PowerShell window, you can now type dir -n bitwarden_export.json), and hit Enter. This should just display the name of the file (bitwarden_export.json). If you see an error message, you have made a mistake in the preceding steps.
Next, copy the following expression into your clipboard:
(type bitwarden_export.json | ConvertFrom-Json) | Select-Object -ExpandProperty items | Sort-Object -Property revisionDate | Select-Object -Property name,revisionDate
Left-click one time on the Windows PowerShell window, and then right-click once. This should paste the expression that you just copied into the PowerShell window. Now hit Enter. You should see a long list (all entries in the Bitwarden export), but they should be sorted by the date that each item was revised (with the most recently modified vault items listed last). By scrolling up through the list, you will hopefully be able to identify the vault items that you had updated after your original import. I hope this helps.
Well, that has been powerfully helpful. I’ve run into some trouble getting the correct address between the quotation marks. I’ll try again; the file is currently on my desktop and I’ll move it into its own folder; what I got between the quotations was simply “Desktop”, which doesn’t look like a path to me. One difficulty for me is that I rarely use File Explorer (Total Commander is my default tool) . Your step by step process is one of the clearest I have ever encountered, though, so I’m pretty confident my next trial will get me through it.
But right now I’m not really sure I need to identify the changed items. There are not many, and if I have the wrong password I’ll simply go through whatever recover/change password process that site has set up. My priority at the moment, now that I apparently have a properly formatted list in my vault, is to make sure I understand how Bitwarden actually works. (And finally to get my data out of LastPass.)