How to back up the Trash folder before clearing it?

Hi community, I want to back up my trash folder before emptying it, but just realized that the password export function does not include the Trash folder items. The UI should warn users that the Trash folder contents are not exported. I was this close to just emptying it … phew.

For context, I have several thousand (yes, several thousand) logins in my Bitwarden trash folder. Given that the iOS app sometimes suggests items from the Trash folder, I want to empty the Trash. However, I can’t say for sure that there are zero “good” items in the Trash. Thus, the desire to export. (Besides, I’m also afraid of Bitwarden auto-clearing my Trash.)

Would the following approach be risk-free?

  1. Export passwords with items still in Trash (Backup A, excludes Trash)
  2. Restore all passwords from Trash
  3. Export passwords again (Backup B, includes Trash)
  4. Delete all passwords from vault
  5. Import Backup A
  6. Delete Backup A
  7. Keep Backup B (which includes the Trash)

Would this restore everything to the previous state, including folder structures, etc.?

Given how sensitive the information is, I don’t want to risk anything without getting some additional eyes on it first, ideally from the devs. Thank you!

I think the best approach would be to only use Trash for credentials that you definitely don’t need any more. If you have a login that you think you don’t need, but there’s a small chance you might in future, don’t trash it. Add it to a folder to keep it separate instead.

Think of it like a physical rubbish bin - you wouldn’t go through it item by item before taking it outside. You presume that everything in it is trash and not needed any more. It’s the same with Bitwarden’s Trash folder.

In your position, I would go through the Trash folder item by item and keep anything you think is “good”, remove the rest.

Impossible. Most of the trashed entries are the result of an “involved” merge process from various sources. Records will look similar but not be exactly the same. Would have to compare every single field.

Then move them all out of the Trash folder and back into a regular folder. I wouldn’t leave anything that might be required in Trash.

When I started using Bitwarden, I imported many, many years’ worth of credentials from Chrome. I painstakingly went through every entry and tidied it up - correct name, match detection, removed old entries, etc. It took a while, but it was worth it in the end.

1 Like

This would probably put them back into the folders where they came from, right? And that would create a huge mess. What’s wrong with the approach that I proposed?

The approach you’ve suggested sounds like it would achieve what you’re after. It’s just kicking the problem further down the road though. If it turns out you need to recover one of the passwords you trashed later, you’ll have to go through similar steps. However, presumably your vault will have changed in the meantime, so you’ll have to be careful.

If it’s an unencrypted backup then I suppose you could manually retrieve credentials from it later. As I said though, I would definitely spend time fixing the problem at source. That way you won’t have any issues in the future.

@B0UNC3R Just a note that you should probably make a decision soon.

The trash was designed to have a 30-day TTL: Vault Items | Bitwarden Help & Support, but it is currently broken as discussed in Trash TTL not working

A fix is going in soon to get this working. Once it does, it will erase anything in trash older than 30 days:

OK, then I’ll just dump an unencrypted backup to ramdisk, encrypt it manually, and probably never touch it again. It’s more about peace of mind.

Well then I pray for Bitwarden Cloud users that they don’t have any important stuff in their Trash. I guess at most 10% of users picked this up in the documentation.