How to dispose off the unencrypted CSV file created for migrating to Bitwarden from other password managers

This is a general question relating to security , wanted to know your thoughts on how should i dispose of my plain text csv file as I had to shift to bitwarden from keepassxc and thus had to export the database first into a plain text csv file.I guess currently encrypted exports are not available from keepass.
So, I was wondering , to being extra cautious , would simply deleting it from your device be safe ?
Because data could be technically recovered from my hard drive although such circumstances are not likely to occur given my threat model.
But i guess there should be a guide or ways to mitigate this , maybe by an option to rewrite the CSV file with random strings of text added to every field and then delete the file would give more trust on the process and peace of mind that our passwords are infact safe.
Obviously no-one would like to change all the passwords after migrating to a new one.
Let me know your thoughts :smile:

Ah. This will all depend on your storage method.

Back in the days of mechanical hard drives, you would: encrypt the drive, wipe it, and trash it.

In today’s world you need to drop into a nice vat of acid. Forensics people are scary.

1 Like

Hello @Gaurav - welcome to the community forums!

You ask a very good question, and there is no one correct answer as you point out. I think it is really personal choice based on your risk tolerance and your setup.

If you are using an encrypted drive (e.g., Bitlocker on Windows, FileVault on Mac), then deleting a file from the Recycle Bin/Trash is probably sufficient. But if you aren’t on an encrypted drive, particularly if it is a hard disk drive (less of an issue for SSDs), then I agree that it may be possible for someone to recover your plain-text csv file from your drive if they had access to it.

There are many secure-delete options out there, but they vary by operating system. For example, if you are on a Mac, you can open a terminal window and use the command:

rm -P filename.csv

to securely delete a file. There are also plenty of third-party apps that do the same thing, if one prefers. I use encrypted drives, so I don’t bother, but otherwise using secure delete tools may be a wise practice.

1 Like

Thanks for your Response :blush:. It was helpful.
As you mentioned about secure delete tools i was able to search for some of the tools for my windows computer without bitlocker. There are certain open source utilty for example “Eraser” that can be used for it , Also i found out that there is a buit-in windows command for it called “cipher”. From powershell we need to use the command
Cipher /w:C:\<filepath>
This will rewrite that particular space.
Thanks :blush::+1:

1 Like

Here are a few options…

Compress the file with a password using 7Zip or another compression utility. Once zipped, drop it in the trash, then empty the trash.

For even more security, download an encryption app such as VeraCrypt, then encrypt the file. Once encrypted, you can trash it. Even if the files are recovered, they’ll be unusable.

Alternatively, you can obtain a “file shredding” utility. Shredding not only deletes the file, it overwrites the space where the file resided with 1s and 0s. Some utilities allow you to specify the number of passes for the overwrite, for enhanced security.

1 Like