DEV Community

loading...
Cover image for Migrating  from Lastpass to Bitwarden. I'm changing password manager πŸ™…

Migrating from Lastpass to Bitwarden. I'm changing password manager πŸ™…

Daniel Diaz
Self-taught Python/Django Developer, Technical Writer, and long-life learner. I enjoy creating software from scratch and sharing knowledge with stunning technical articles.
Originally published at developerroad.herokuapp.com ・Updated on ・4 min read

Before reading

Full Disclaimer

I'm not being benefited by any means by writing this article. I just wanted to share my experience, using different kind of tools. All is based in my opinion after reviewing these password managers and shouldn't be taken as a suggestion to use one product or another.

As a developer I'm worried about the tools I use everyday and I took this space as a way of sharing my thoughts on it.

If you have some opinion about this post please let me know in the comment section.

So without further delay, let's get into the article.

Lastpass is totally fine

Lastpass is a great product, that's all. If you have a paid subscription I think you won't have any problems with it.

The problem comes when you analyze the free version of it. Recently Lastpass has changed the way you can use it's free version. Now you can only access your data either by Desktop or by the mobile app.

So this weekend I decided to migrate from Lastpass. I researched a lot about the bests password managers avaiable and I had two requirements:

  • It must be a full featured password manager:
    • 2FA, Auto fill forms, web extensions, mobile app
  • It must have a very good free plan

Finally I get with a PM (Password manager), that filled out these requirements, Bitwarden

Advantages of Bitwarden

  • It's open source. Nothing is more free as in freedom
  • It has a extremely good ecosystem:
    • Web extensions in all modern browsers
    • Mobile app
    • Desktop app
    • Even CLI tools
  • An easy way to import all kind of data
  • End to end encryption
  • 0 data breaches until now
  • Personal and Business plans

So if you want to migrate your passwords, follow the following steps.

Migration process

First you'll need to create a personal account in Bitwarden. But currently the home page of Bitwarden don't show the create personal account button that clear.

image

So you'll need to scroll down up to the bottom and take a look at Bitwarden's pricing section.

As you may notice all the options are guided to create an organization account, therefore if you want to create a personal account you must click in the personal plans tab.

image

After that, the personal plans menu will be shown, and now you can create a free account by clicking the create a free account button.

Don't worry the paid plans are totally optional, and probably you'll get more of what you need with a free account.

Next you will be redirected to a signup page:

image

Advice: Create a fully memorable, long and secure master password. Since it's a master password you won't have any option to recover it.

Example of a good MP: MykeyBOARD-is#brokenSINCE2020

As you may notice it contains a lot of characters and numbers, but it's fully memorable, and there is a high probability of not forget it.

Now that you've signed up, you have to login with the credentials. Then you'll be redirected to your brand new Bitwarden vault.

image

Don't forget to verify your email.

Exporting and Importing all of your passwords

At this point, you must login into your Last pass account and enter into your vault.

Exporting

After that go to Advanced options>Manage your vault> Export

image

Click on that button and re enter your Lastpass master password.

image

After that, all of your passwords will be stored in .csv file in your local computer.

WARNING: All of the data that is stored in that .csv file will be just plain text. That means that your passwords won't be encrypted. So right after you import your passwords to Bitwarden (Or any password Manager), you must delete the password file.

Importing

This time I'll do it in the online vault, but you can do it with the app, or extension too.

  1. Go to your Bitwarden Vault
  2. Click on the tools link
  3. Click on the import data option
  4. Select the Lastpass csv format image
  5. Select the last pass .csv file you downloaded
  6. Click in import data

Now your Bitwarden's vault should have all of your passwords imported from Last pass.

If you have any errors importing the best option is to read the bitwarden Documentation

Installing the browser extension

Choose and Install Web extension

image

Installing the mobile App

Choose and Install Mobile app

image

Enabling Auto fill in Bitwarden

To enable the Autofill as the Last pass app does, go to Settings>Auto-fill> and check the Auto-fill service label.

Enable Bio metrics

If you want to unlock Bitwarden with your bio metrics, go to Settings>Security>Unlock with biometrics.

Deleting Last Pass account?

After importing my passwords and testing out Bitwarden, and it's features definitely I won't need Last pass again.

So what reasons do I have to leave my Lastpass account with all of my passwords out there?

If you think you won't need your Lastpass account again I recommend you to delete it. Or at least resetting it, to don't store any sensitive data in an inactive account.

Conclusion

Bitwarden by it self looks, from my perspective, a simple to use and more intuitive product, and it has everything you would expect from a good password manager.

These facts, combined with the restriction-less of using both, mobile and desktop, the options we get from Bitwarden (CLI, extension, Desktop/Mobile app) and the product being open source, were what made me change from last past to bitwarden.

Discussion (46)

Collapse
moopet profile image
Ben Sinclair

I moved to Bitwarden after someone mentioned it on a post here a while ago and I've had no regrets. Its interface clearly takes some hints from the LastPass one, so everything's familiar.

I'm not so bothered about paying a small fee for something, but as soon as I found that Bitwarden was free software it became a no-brainer. Other good options are things like pass or Keepass*.

Collapse
danidiaztech profile image
Daniel Diaz Author

I'm totally agree with you. Changing from Lastpass to Bitwarden was extremely easy due to it's interface. The good part is that I can access my passwords from everywhere, without restrictions

Collapse
gredelston profile image
Greg Edelston

Especially with the LastPass export --> BitWarden import!

Collapse
technoglot profile image
Amelia Vieira Rosado 🐣✨

Hey @daniel1404 , great post!

Recently Lastpass has changed the way you can use it's free version. Now you can only access your data either by Desktop or by the mobile app.

Not gonna lie, this ruined the experience for me! 😀 I find it so restricting now. I get that they are a business and want to make money by all means necessary, but to cut features out of the FREE plan is....unforgivable.

I'm bookmarking this one, in case I ever wanna migrate. Thanks for sharing, this one's almost God sent! 😁

Collapse
danidiaztech profile image
Daniel Diaz Author

Wow, I'm really grateful you found this post useful. 😁

I found really useful the Bitwarden password manager, and it's open source so it's gain and gain situation!

Collapse
technoglot profile image
Amelia Vieira Rosado 🐣✨

and it's open source

Holy cow! 😲 I better pack my bags and leave LastPass for good! πŸƒπŸ»β€β™€οΈ

Collapse
lesha profile image
lesha πŸŸ¨β¬›οΈ

My main problem with Lastpass is that it doesn't let you make a single entry for several domains. Example: I use both Protonmail and ProtonVPN, they are different domains but they share accounts. More often than not Lastpass nags me about this and I have no way to tell it that it's fine.

Does Bitwarden have this problem?

Collapse
iancleary profile image
Ian Cleary (he/him)

There is a feature in LastPass for equivalent domains in the settings. That enables a password for one domain to be used or show up for multiple domains.

I’m not sure if Bitwarden has this feature, but that is what I’d look for in any password manager for your problem. Cheers!

Collapse
bazwalt profile image
Andrew Oskam • Edited

Depending on the domain you can make your domain name use , kind of, variables. It uses extended syntax I think it's called. I did so for a work app that changes domain. IE domainname1.com.au and where the number is the syntax accounts for any variation from 1-9.

Collapse
eijiuema profile image
Gabriel Eiji Uema Martin

You can match domains, servers, exact URIs, regex or even add multiple URIs to a single credential.

Collapse
codeco profile image
CodeCo

No, you can add multiple domains to a single login on Bitwarden.

Collapse
danidiaztech profile image
Daniel Diaz Author

Well I think the only solution is to copy the same data for both sites πŸ˜‚.
Or just make your own password manager!

Collapse
cescquintero profile image
Francisco Quintero πŸ‡¨πŸ‡΄

Hey, thanks for sharing this.

I was willing to pay the Lastpass plan but I haven't been able to do the payment (their platform doesn't let and support doesn't help me). I guess I'm moving to Bitwarden... And it's personal plan is cheaper :D

Collapse
danidiaztech profile image
Daniel Diaz Author

I'm glad you find it useful!

Collapse
cescquintero profile image
Francisco Quintero πŸ‡¨πŸ‡΄

And I moved just yesterday xD It was so easy peasy I couldn't believe it xD

Collapse
c4s4r profile image
Maik

Nice article about the migration! I also recently moved to Bitwarden and love that it's open-source.

However, you should keep in mind to delete by overwriting the export-file and not "just" delete it in the file browser. Otherwise it could be restored in the future and leak all your passwords. This is a big security vulnerability!

Collapse
danidiaztech profile image
Daniel Diaz Author

In Linux I just do:

rm  -rf passwords.csv
Enter fullscreen mode Exit fullscreen mode

That will delete the passwords file without placing it in the trash

Collapse
c4s4r profile image
Maik

Yes and no. It will delete the file in the eyes of the user by freeing the linked data blocks on the drive. Physically the data is still there.
Therefore it is important to overwrite these data blocks, for example by using shred -u -n 10 passwords.csv.
Otherwhise these data blocks could be restored later.

Thread Thread
danidiaztech profile image
Daniel Diaz Author

Wow, really interesting!
You taught me something today πŸ˜„

Collapse
jonrandy profile image
Jon Randy • Edited

I've recently had to start using LastPass as it is used at my current workplace. After using 1Password for a long time (which is superb), I was absolutely shocked at how awful LastPass is... I really don't know how anyone puts up with it.

Bitwarden looks interesting though, might give it a try

Collapse
danidiaztech profile image
Daniel Diaz Author

I strongly suggest it. And it's easy to import all of your data

Collapse
cv profile image
CharlesV

Thanks Daniel for this tutorial !

I did the same move a few weeks ago, and Bitwarden is really a nice solution.

The auto-fill option was better with LastPass (still in experimentation in Bitwarden), but except this, it works like a charm.

Collapse
danidiaztech profile image
Daniel Diaz Author

I still testing the Auto fill feature. But at the moment it seems great

Collapse
superfola profile image
Alexandre Plateau

Good to know that you can host your OWN version of the bitwarden servers through docker containers, for free, and thanks to the open source community, a developper rewrote the whole bitwarden docker stack in Rust, removing all the paywalls. Thus i have every prime feature for free, on my own server!

Collapse
gmkumar08 profile image
Manoj Kumar

I've also migrated from LastPass to BitWarden recently and I'm loving it. My only issue is that when using Chrome browser with BitWarden extension, it never prompts to save credentials, and looks like I'm not the only one facing this: github.com/bitwarden/browser/issue...
Anyway, this is not going to stop me from using it. I'll switch browser if I have to :)

Collapse
johhansantana profile image
Johhan Santana • Edited

I was also thinking on migrating to a different one but I concluded that I could use my iPhone for LastPass even if you want to login in your Mac since when you copy something on your iPhone, let say your password, it will be available to paste in your Mac as well.

So, open LastPass in iPhone, copy your password, then paste in Mac.

Collapse
danidiaztech profile image
Daniel Diaz Author

Good solution for Apple users!

Collapse
johnkazer profile image
John Kazer

I don't really understand this desperate urge for a free password manager. Seems to be a lot of discussion about this particular change from lastpass. But it's important data! Surely it's worth paying a bit for a decent system?

Sure, if you really do get the same service for free...

I do also wonder how long bitwarden will keep that same free service as more people join?

Collapse
gredelston profile image
Greg Edelston

I switched from LastPass to BitWarden, too, after reading about their new free-plan rules earlier this year. BitWarden works a treat: after two months, I have no complaints whatsoever.

Collapse
_ypbr_ profile image
ypbr

I have migrated to bitwarden about one year ago. I am totally happy with bitwarden. It has also an option to create a family plan and share your desired passwords with your family members. Btw you can create your own password manager server.

Collapse
spiderhawk profile image
Art Cowles

I made the switch least year and couldn't be happier. I also love that it has a built in Authenticator for 2 factor

Collapse
thelogicwarlock profile image
Kaemon Lovendahl

I did the same thing and I don't regret it at all.

Collapse
manuthecoder profile image
π™ΌπšŠπš—πšžπšƒπš‘πšŽπ™²πš˜πšπšŽπš›

Thanks for sharing!

Typically, I don't use any password managers, just for security ;).
But I'll recommend it to my friends!

Collapse
danidiaztech profile image
Daniel Diaz Author

I think that password managers are really secure. In fact Bitwarden has never had a data breach.

Collapse
manuthecoder profile image
π™ΌπšŠπš—πšžπšƒπš‘πšŽπ™²πš˜πšπšŽπš›

I just don't have the habit of storing passwords ;)

Collapse
victorgm profile image
VΓ­ctor GΓ³mez

Ever since I moved to Bitwarden I didn't look back even once. I got it in all my devices and absolutely love the browser extensions!

Collapse
daultaniishann profile image
Ishann Daultani πŸ‘¨β€πŸ’»

Excellent choice . using bitwarden since past 1 year no regrets

Collapse
ehcio profile image
Eduardo C

There’s no free lunch, lastpass is at a stage they need to monetize more users, how do you know at a certain point bitwarden won’t do the same.

Collapse
devdushyant profile image
Dushyant Patel

Bitwarden can also be self hosted.

Collapse
alex10065454678 profile image
Alex10_0

I've done literally the same thing when I heard they're adding a paywall to having lastpass on 2 accounts

Collapse
alex10065454678 profile image
Alex10_0

Like man I'm okay with not having all fancy features on my account but only 1 account at a time?

Collapse
berviantoleo profile image
Bervianto Leo Pratama

I moved to Bitwarden too after the LastPass announce about Free Account limitation. So far I feel the Bitwarden good choice for now.

Collapse
rifat17 profile image
rifat17

Well, I am using UNIX pass manager. It is awesome, you may try.

Collapse
andreas_scheucher_7e34163 profile image
Andreas Scheucher • Edited

You should rethink your master password advice. It’s based on some words, which are easily breakable with a dictionary.

Much harder to break and easy to remember, less to type:

a longer sentence, use the first characters in their correct case.

Collapse
scottnd profile image
scottnd

Nice guide.

My only thing is people making such a big deal about LastPass not allowing you to have both mobile and desktop for free...it wasn't always like that.

I've been a LastPass premium subscriber since 2009. Back then you had to have a premium account in order to use the mobile app. It wasn't until 2016 that the mobile app was allowed to be used by free accounts.

To me, they sort of went back to how it used to be. With their change now, you need the paid account if you want to use both. But free accounts can pick one of the methods they would like to use...originally free accounts only had the desktop/browser version.

And prior to me using LastPass, I used Keepass. It was good for what I needed at the time, but became an issue for me when trying to keep things sync'd even with storing the database in dropbox.

Collapse
danidiaztech profile image
Daniel Diaz Author

Well, I just gave a really good alternative for lastpass that is open source.

But as I said at the starting of the article, Lastpass is totally fine and a great product.