Smart Import from KeePass

I was not sure if I should post the topic under “Support” or under “Feature Requests” but I decided to put it under Support.

I am using KeePass and there I have 962 entries (if you search for an empty string you get all entries so here this number is real):

  • Many entries are logins to websites
  • But I also have many logins to applications (where I have an auto-type-sequence)
  • Some entries have multiple auto-type-sequences (like Steam, here I log into the application differently than to the website)
  • I also have many software licences stored in KeePass
  • For 17 entries I also stored the 2FA key (TOTP) via the Plugin KeeOTP
  • Some entries have attached files
  • Many entries have user-defined fields (custom fields)
  • Some entries are expired (Expiry Date is in the past), but I want to keep them
  • I have many user-defined icons for the entries (for folders and entries that have no URL)

I did not try out the import from KeePass yet, but I assume that not all of my features are supported.

I also know that the best way to “import” logins for websites is to log into the website using KeePass and then let Bitwarden store the login as new entry (so also the information about the field names is stored).

But what about the rest of my entries?

Does Bitwarden import the TOTP from KeePass?
The KeeOTP plugin creates a custom field called “otp” and stores the key like “key=xxxxxx” (where xxx is a string value that also can contain “%3d”, whatever that is).

Does Bitwarden import all User-Defined fields from KeePass?
I added fields like “Registration Data” where I have a multi-line text stored.

Does Bitwarden also import the password history?
In KeePass there is a history of changes.
The Plugin HaveIBeenPwnd uses this history to find out when a password has been changed.
Then this plugin looks up the database at https://haveibeenpwned.com/ and tells me what passwords I have not changed after the breach (so what passwords I have to change).
If you do not import the password history then I have to change the passwords of all entries that have an URL manually (so in Bitwarden I have a password change date).
I have 695 entries that have an URL stored, so I would have to change at least these 695 entries).

You see that importing data can mean a lot of work for me.
And I want to avoid this mass of work and hope that Bitwarden has some features that help me.

Best regards

OLLI

3 Likes

I am using keepass too, so keen about the answers to your questions, @OLLI_S

I just migrated from KeePass myself, so I can answer this.

  • All custom fields will be migrated
  • Auto-type isn’t supported
    • I never used it personally, so I don’t know if it will copy the sequence to a custom field or not
  • TOTP keys are only migrated as custom fields
    • You’ll need to manually copy the key from the custom field to the TOTP field
    • I tested with both KeeOTP and TrayTOTP
  • Attachments did not migrate at all
  • Expiration dates did not migrate at all
    • Expired entries DID migrate, however
  • No support for custom icons
    • Folders don’t have icons
  • Bitwarden doesn’t have a history feature, so that won’t migrate
    • The “Exposed Passwords” option in the “Tools” menu will tell you which accounts are using known leaked passwords, so there’s something
    • The “Data Breach Report” is pretty basic, manual search for a single email or username

I also want to note that attachments and TOTP are premium features. I didn’t buy a subscription until after I imported everything from KeePass, so it’s possible the attachments could migrate if you get premium beforehand.

3 Likes

@kabi-chan Thank you for all your answers.

Hi everyone. there is a resource available … about besides importing the bitwarden file format to be keepass or to integrate keepass with bitwarden. Please see this: integrate-keepass-with-bitwarden and here exporting-data-from-keepass-into-bitwarden

I just made a small Python script to translate or move the TimeOtp from a KeePass file to Bitwarden.

It needs a process.

  1. Using the KeePass 2 desktop application, navigate to “File” > “Export” and select the “KeePass XML (2.x)” option.
  2. Import the file in your Bitwarden Vault, using “Tools” > “Import” and selecting “KeePass 2 (xml)”
  3. Export the Bitwarden Vault. Go to “Tools” > “Export” and select “.json”
  4. Edit this Python script (Convert TimeOtp from KeePass to Bitwarden or Vaultwarden · GitHub) to find your just exported .json file on line 2, and on line 21 write an export filename.
  5. Run the Python script. Will create a new .json
  6. Purge your Bitwarden Vault. Go to “Account Settings” > “Purge Vault” > type your password
  7. Import the file in your Bitwarden Vault, using “Tools” > “Import” and selecting “Bitwarden (json)”

Done!

1 Like