Database Backup

Is there a way to make a copy of the actual database (assuming an encrypted version lives locally for the time that you’re using it) and be able to make a local backup. Something other than a CSV backup since that’s unencrypted.

It would be a good way to ensure you have something to go back to in case the database becomes corrupted, such as when renewing the encryption key.

Or just for general, local backup.

Agreed, I have just moved over from DashLane and used that feature alot, weekly encrypted backups.

1 Like

I saved a copy in an encrypted Keepass file, even though I don’t use Keepass. Bit clunky, and being able to save a copy of the encrypted database would be nice.

3 Likes

I recall this discussion somewhere else at one point (Github?) but haven’t seen any updates.

It does seem useful to archive an encrypted copy, with its encryption or recovery key being the only things that could open it.

On previous password managers you could either export an encrypted copy, or find a local directory where it lives and simply make a compressed zip file copy from it. Plop a data on the file name and done.

1 Like

I would very much like this too please.

I am used to including my KeePass vault in my daily laptop cloud backup. No user interaction needed.

Also need this for Organisations.

And of course a way to restore the encrypted backup if the Bitwarden cloud vault becomes corrupt.

1 Like

This is a critical feature for me as well.

2 Likes

Seems the going method is to export CSV and encrypt that (AES-256 inside a Disk Utility .dmg disk image or similar).

But then you’ve had an unencrypted version on your machine momentarily which I’m not keen of. It’s unfortunate there’s no backup feature that makes an encrypted file that can only be decrypted with that same password as the original.

Unfortunately that’s a crappy workaround. :frowning_face:

1 Like

I never appreciated how difficult it must be to design software that can export an encrypted copy of the database, which uses the same passphrase to decrypt it. That’s how both my previous PW Manager Apps did it (Splash ID & mSecure). I’m fairly certain Enpass and others are similar.

Curious to know what prevents Bitwarden from doing the same.

I looked into doing this KeePass backup method. Still a disadvantage of an unencrypted database on your machine, even momentarily.

And of course having to match fields of the export / import (and restore export / import).

Attachments not included (lesser issue for me, basic backup of database is most important).

If there was a way to download the encrypted database to your machine, that seems best. As long as it was built to restore this way, to have this older / backup database replace a corrupted / locked database - should that ever occur.

I’m hoping my current method of exporting .json / .csv and storing inside an encrypted disk image .dmg (AES-256) doesn’t have any loopholes.

-Mark
“It’s not data until it’s backed up” :slightly_smiling_face:

1 Like

+1 Lack of a real backup is probably the most obvious missing feature to achieve parity with the other major password managers.

3 Likes

+1
It’s very important!

1 Like

+1 I am giving up KeePass due to ongoing corruption when using cloud drives to share file. At least it had a backup for when things go wrong. Counting on this not ever getting corrupted, but what if???

Yep this is a very useful feature. It is similar to the Encrypted export feature.

It can be merged

Seems pretty similar to Encrypted export, which is already on the roadmap and should be developed soon.

1 Like

Encrypted database backup (as opposed to unencrypted CSV / JSON) is definitely the essential thing with this request. But I imagine a database backup could also include additional information not presently included in the CSV (password history, URI matching settings, etc. Possibly even attachments - more on this below) adding even more value, and less adjustment, if you ever were to re-import from the backup.

It would be nice to have the option to include (or not) attachments with the database export as well. Since the CSV doesn’t include attachments. Not knowing how attachments are stored (or how difficult it’d be to include/exclude), I’d say that’d be low priority, but nice to have the option.

Also nice to have, but perhaps not necessary, the option to encrypt it with a different/unique password from the master password.