Shouldn’t be a feature, should be standard with the export function.
There is even no warning as soon you do your export.
1 Like
I do get a warning in Chrome extension version 2024.5.2, Windows desktop 2024.4.1 and in the web vault. Are you maybe running an old version?
Also, I asked in one of the vault hours a few months ago and exporting attachments is in the pipeline.
1 Like
Hi and thanks,
I am using the Firefox extension 2024.4.2, the android app 2024.5.1 and the Linux Client 2024.5.0 and I do not see any of that text in your screenshot. I am not using the web vault. As far as I can see, that are the latest versions for my programs.
Also, I asked in one of the vault hours a few months ago and exporting attachments is in the pipeline.
That would be good. I noticed unfortunately too late that the export/import that I did removed all my attachments. Was quite a surprise and not in a good way.
Might be that I pay for “family” and have an “organization”.
This does not show on the iOS mobile app.
This seems like a good idea in theory. However, the backup file might get a bit large, especially with attachments that are 10MB+ in size.
I think a nice alternative for Bitwarden would be to allow .zip attachment exports. Yes, that would mean that your password backup JSON/CSV would be separate from the attachments, but it would be nice to be able to export all attachments at once.
3 Likes
Is it possible to re-import that zip file with all attachments and everything is back in place? All attachments are back at their place?
From the PR,
No importing is added. Since the data.json is included, that can be imported for now, but we could add full zip + attachment import in a second step"
2 Likes
Just unencrypted export for now. Might add import & encryption in a separate PR, but it will probably take a while until I come back around to it. Not sure. But the filestructure would allow it.
I would love to see this without the data.json (at least until such time that encryption can be added).
1 Like
Yeah, I saw the same comment on Reddit. I’d rather encrypt the data.json and all attachments, so it still makes sense as an importable export of the vault. But very valid point.
1 Like
Attachments could be uuencoded and decoded.
For cloud users, how are attachments stored right now (binary or uuencoded)?
I think I saw a recent release note of an issue in a browser where when clicking an attachment it would open into a new tab; thereby viewing the attachment.
A fix was implemented it so that this could be downloaded instead 
. So proof that this can be done.
How this has still not been implemented as an opt-in toggle when exporting your vault is baffling.
Not me but a video I discovered in my feed:
3 Likes
It’s now in the new January 2025 roadmap and therefore “in development”:
1 Like
I’ve seen a lot of these comments regarding attachments. To me I think people are trying to use their password manager (Bitwarden in this case) as a cloud file storage mechanism. Granted, I guess it can be done but my personal opinion is to keep documents outside of my password manager. Cloud storage solutions are designed specifically for that type of thing, also I dislike having all of my cows in one basket (for the same reason, I don’t store any TOTP codes in Bitwarden). But that’s just me and I’m not saying others are wrong to want this. However, I do think it’s going to require additional complexity to be able to store documents inside the password manager. More complexity often results in an opportunity for more bugs and an increased attack surface.
In my case, and I think it’s a common one, I use the attachments to store SSH keys, or other encryption keys non in plain-text format.
In my opinion it makes sense to store these in an encrypted password manager, and it would be nice to have them exported too in the backup.
3 Likes
In that case I’d agree, if I used SSH keys I’d want that as well.
Perhaps those could be stored as a different type of Entity (Login, credit card, etc.) thus be easily backed up just as the existing types are.
It’s the idea of storing documents (manuals, etc.) that I think pushes the envelope of what a PW manager should do.
But again that’s just me.
To give a bit of context, there are currently two approaches being looked at; CXP as the long-term approach for secure transfer of credentials, and ZIP exports as a short-term means to provide an export that includes vault data and attachments.
In my case, and I think it’s a common one, I use the attachments to store SSH keys, or other encryption keys non in plain-text format.
Perhaps those could be stored as a different type of Entity (Login, credit card, etc.) thus be easily backed up just as the existing types are.
SSH keys specifically are better stored as the new, fifth item type - SSH keys - and are included in the regular json export. They were meant to roll out in the December release, but due to a few remaining bugs they were delayed. If there are no more unforseen issues, they will roll out next release.
3 Likes