Before reading
Full Disclaimer
I'm not being benefited by any means by writing this article. I just wanted to share my experience, using different kind of tools. All is based in my opinion after reviewing these password managers and shouldn't be taken as a suggestion to use one product or another.
As a developer I'm worried about the tools I use everyday and I took this space as a way of sharing my thoughts on it.
If you have some opinion about this post please let me know in the comment section.
So without further delay, let's get into the article.
Lastpass is totally fine
Lastpass is a great product, that's all. If you have a paid subscription I think you won't have any problems with it.
The problem comes when you analyze the free version of it. Recently Lastpass has changed the way you can use it's free version. Now you can only access your data either by Desktop or by the mobile app.
So this weekend I decided to migrate from Lastpass. I researched a lot about the bests password managers avaiable and I had two requirements:
- It must be a full featured password manager:
- 2FA, Auto fill forms, web extensions, mobile app
- It must have a very good free plan
Finally I get with a PM (Password manager), that filled out these requirements, Bitwarden
Advantages of Bitwarden
- It's open source. Nothing is more free as in freedom
- It has a extremely good ecosystem:
- Web extensions in all modern browsers
- Mobile app
- Desktop app
- Even CLI tools
- An easy way to import all kind of data
- End to end encryption
- 0 data breaches until now
- Personal and Business plans
So if you want to migrate your passwords, follow the following steps.
Migration process
First you'll need to create a personal account in Bitwarden. But currently the home page of Bitwarden don't show the create personal account button that clear.
So you'll need to scroll down up to the bottom and take a look at Bitwarden's pricing section.
As you may notice all the options are guided to create an organization account, therefore if you want to create a personal account you must click in the personal plans tab.
After that, the personal plans menu will be shown, and now you can create a free account by clicking the create a free account button.
Don't worry the paid plans are totally optional, and probably you'll get more of what you need with a free account.
Next you will be redirected to a signup page:
Advice: Create a fully memorable, long and secure master password. Since it's a master password you won't have any option to recover it.
Example of a good MP: MykeyBOARD-is#brokenSINCE2020
As you may notice it contains a lot of characters and numbers, but it's fully memorable, and there is a high probability of not forget it.
Now that you've signed up, you have to login with the credentials. Then you'll be redirected to your brand new Bitwarden vault.
Don't forget to verify your email.
Exporting and Importing all of your passwords
At this point, you must login into your Last pass account and enter into your vault.
Exporting
After that go to Advanced options>Manage your vault> Export
Click on that button and re enter your Lastpass master password.
After that, all of your passwords will be stored in .csv file in your local computer.
WARNING: All of the data that is stored in that .csv file will be just plain text. That means that your passwords won't be encrypted. So right after you import your passwords to Bitwarden (Or any password Manager), you must delete the password file.
Importing
This time I'll do it in the online vault, but you can do it with the app, or extension too.
- Go to your Bitwarden Vault
- Click on the
toolslink - Click on the import data option
- Select the Lastpass csv format
- Select the last pass .csv file you downloaded
- Click in import data
Now your Bitwarden's vault should have all of your passwords imported from Last pass.
If you have any errors importing the best option is to read the bitwarden Documentation
Installing the browser extension
Choose and Install Web extension
Installing the mobile App
Choose and Install Mobile app
Enabling Auto fill in Bitwarden
To enable the Autofill as the Last pass app does, go to Settings>Auto-fill> and check the Auto-fill service label.
Enable Bio metrics
If you want to unlock Bitwarden with your bio metrics, go to Settings>Security>Unlock with biometrics.
Deleting Last Pass account?
After importing my passwords and testing out Bitwarden, and it's features definitely I won't need Last pass again.
So what reasons do I have to leave my Lastpass account with all of my passwords out there?
If you think you won't need your Lastpass account again I recommend you to delete it. Or at least resetting it, to don't store any sensitive data in an inactive account.
Conclusion
Bitwarden by it self looks, from my perspective, a simple to use and more intuitive product, and it has everything you would expect from a good password manager.
These facts, combined with the restriction-less of using both, mobile and desktop, the options we get from Bitwarden (CLI, extension, Desktop/Mobile app) and the product being open source, were what made me change from last past to bitwarden.
Top comments (42)
I moved to Bitwarden after someone mentioned it on a post here a while ago and I've had no regrets. Its interface clearly takes some hints from the LastPass one, so everything's familiar.
I'm not so bothered about paying a small fee for something, but as soon as I found that Bitwarden was free software it became a no-brainer. Other good options are things like
passor Keepass*.I'm totally agree with you. Changing from Lastpass to Bitwarden was extremely easy due to it's interface. The good part is that I can access my passwords from everywhere, without restrictions
Especially with the LastPass export --> BitWarden import!
My main problem with Lastpass is that it doesn't let you make a single entry for several domains. Example: I use both Protonmail and ProtonVPN, they are different domains but they share accounts. More often than not Lastpass nags me about this and I have no way to tell it that it's fine.
Does Bitwarden have this problem?
There is a feature in LastPass for equivalent domains in the settings. That enables a password for one domain to be used or show up for multiple domains.
I’m not sure if Bitwarden has this feature, but that is what I’d look for in any password manager for your problem. Cheers!
equivalent domains exist in bitwarden, migrating those from lastpass to bitwarden seems challenging
Depending on the domain you can make your domain name use , kind of, variables. It uses extended syntax I think it's called. I did so for a work app that changes domain. IE domainname1.com.au and where the number is the syntax accounts for any variation from 1-9.
You can match domains, servers, exact URIs, regex or even add multiple URIs to a single credential.
No, you can add multiple domains to a single login on Bitwarden.
Well I think the only solution is to copy the same data for both sites 😂.
Or just make your own password manager!
Hey, thanks for sharing this.
I was willing to pay the Lastpass plan but I haven't been able to do the payment (their platform doesn't let and support doesn't help me). I guess I'm moving to Bitwarden... And it's personal plan is cheaper :D
I'm glad you find it useful!
And I moved just yesterday xD It was so easy peasy I couldn't believe it xD
Thanks Daniel for this tutorial !
I did the same move a few weeks ago, and Bitwarden is really a nice solution.
The auto-fill option was better with LastPass (still in experimentation in Bitwarden), but except this, it works like a charm.
I still testing the Auto fill feature. But at the moment it seems great
Nice article about the migration! I also recently moved to Bitwarden and love that it's open-source.
However, you should keep in mind to delete by overwriting the export-file and not "just" delete it in the file browser. Otherwise it could be restored in the future and leak all your passwords. This is a big security vulnerability!
In Linux I just do:
That will delete the passwords file without placing it in the trash
Yes and no. It will delete the file in the eyes of the user by freeing the linked data blocks on the drive. Physically the data is still there.
Therefore it is important to overwrite these data blocks, for example by using
shred -u -n 10 passwords.csv.Otherwhise these data blocks could be restored later.
Wow, really interesting!
You taught me something today 😄
Good to know that you can host your OWN version of the bitwarden servers through docker containers, for free, and thanks to the open source community, a developper rewrote the whole bitwarden docker stack in Rust, removing all the paywalls. Thus i have every prime feature for free, on my own server!
I've recently had to start using LastPass as it is used at my current workplace. After using 1Password for a long time (which is superb), I was absolutely shocked at how awful LastPass is... I really don't know how anyone puts up with it.
Bitwarden looks interesting though, might give it a try
I strongly suggest it. And it's easy to import all of your data
Wow, I'm really grateful you found this post useful. 😁
I found really useful the Bitwarden password manager, and it's open source so it's gain and gain situation!
I've also migrated from LastPass to BitWarden recently and I'm loving it. My only issue is that when using Chrome browser with BitWarden extension, it never prompts to save credentials, and looks like I'm not the only one facing this: github.com/bitwarden/browser/issue...
Anyway, this is not going to stop me from using it. I'll switch browser if I have to :)
I don't really understand this desperate urge for a free password manager. Seems to be a lot of discussion about this particular change from lastpass. But it's important data! Surely it's worth paying a bit for a decent system?
Sure, if you really do get the same service for free...
I do also wonder how long bitwarden will keep that same free service as more people join?
Some comments may only be visible to logged-in visitors. Sign in to view all comments.