How to Safely Migrate from LastPass to KeePassXC

By SB • Updated: 01/22/22

If you are concerned about storing your passwords “in the cloud”, KeePassXC is the best free local storage option for storing passwords on your laptop, desktop, or mobile device. By keeping your passwords and sensitive account info in an offline database such as KeePassXC, you effectively eliminate the opportunity for hackers to exploit online password software that needs to sync the passwords stored locally on your computer with its servers anywhere in the world.

Again, KeePassXC is a database of passwords stored locally only. This means your database is stored only on your own computer, not out “in the cloud” where you do not have any control over the server. With great power comes great responsibility, and only you are to blame if you lose your database and/or the key.

While Dropbox, iCloud, Google Drive, network shares, and USB drives can be used to share and sync the database file between the machines you use, make sure you close the file on one computer before opening it on another.  It is best to use one secure machine for all your sensitive accounts, anyway.

Now that you’ve decided to take control of your password database, first back up your account information by exporting it, before you move all your passwords and account information out of the proprietary LastPass and into the open source KeePassXC.

Can I download all my passwords from LastPass?

Export your LastPass Vault data (including passwords, secure notes, form fills, Wi-Fi passwords, etc.) as a CSV or XML file, then print a copy to keep for your own records or backup.

If you have set up different Vault identities, you can export data for all or individual identities.

How to transfer data away from LastPass

How do I save an Export in LastPass?

To export your data from a LastPass Browser Extension:

How to prepare passwords exported from LastPass

KeePassXC supports importing and exporting data from and to various file formats. KeePassXC can import from over 30 other commonly used password managers.

BUT the CSV file might not be directly usable by KeePassXC just yet!

If any of your passwords have an “&” symbol in them, LastPass will encode that as &amp;, but if you import the CSV into KeePassXC directly, it will see the string &amp; in the passwords as exactly that, &amp;.

This means that some logins or passwords will fail because the passwords will not match exactly.

The simple fix is to do a find/replace in your spreadsheet or text editor to find &amp; and replace it with &. And then your CSV file will be ready to import into KeePassXC.

Note: this is unlikely, but if any of your usernames or passwords contain the exact string of &amp;, check manually to make sure they are correct.
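The find/replace step above, as an added example that is not part of the original article: it parses the export with a real CSV parser, replaces &amp; with & in every field, and lists the affected entries by name so they can be checked manually as the note suggests. The function name, the sample rows, and the column layout (including the "name" column) are assumptions made for illustration.

```python
import csv
import io
import os
import sys

# Constructed sample; the column layout is an assumption, not from the page.
SAMPLE = (
    "url,username,password,extra,name\n"
    'https://a.example,alice,"p&amp;ss,1",,Mail\n'
    "https://b.example,bob,plain,,Forum\n"
    'https://c.example,carol,x,"note &amp; more\nline2",\n'
)


def fix_lastpass_csv(text):
    """Return (fixed_csv_text, labels_of_changed_rows)."""
    # A real CSV parser keeps quoted fields with commas/newlines intact.
    rows = list(csv.reader(io.StringIO(text, newline="")))
    if not rows:
        return text, []
    # Assumption: a "name" column labels entries; else use the row number.
    name_idx = rows[0].index("name") if "name" in rows[0] else None
    changed = []
    for n, row in enumerate(rows[1:], start=2):
        fixed = [field.replace("&amp;", "&") for field in row]
        if fixed != row:
            label = fixed[name_idx] if name_idx is not None and name_idx < len(fixed) else ""
            changed.append(label or f"row {n}")
            rows[n - 1] = fixed
    out = io.StringIO(newline="")
    csv.writer(out, lineterminator="\n").writerows(rows)
    return out.getvalue(), changed


def main(src, dst):
    with open(src, newline="", encoding="utf-8") as fh:
        fixed, changed = fix_lastpass_csv(fh.read())
    # The export holds plaintext credentials: create the copy owner-only.
    fd = os.open(dst, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w", newline="", encoding="utf-8") as fh:
        fh.write(fixed)
    # Print entry names only, never the secrets themselves.
    for label in changed:
        print("check manually:", label)


if __name__ == "__main__" and len(sys.argv) == 3:
    main(sys.argv[1], sys.argv[2])
```

Run it with the exported file and an output path as its two arguments, then import the output file into KeePassXC.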

Why Choose KeePassXC as a Password Manager?

KeePass is for Windows only, KeePassX is no longer actively maintained, and so I recommend the cross-platform, community-forked KeePassXC.

KeePassXC is a free open source password manager, which helps you to manage your passwords in a secure way. You can store all your passwords (or other sensitive information, really) in one database, which is locked with a master key. Do not forget this master key!

Selecting a master password (passphrase) for your password manager

DO

DON’T

How do I Import passwords into KeePassXC?

First, back up your LastPass CSV file in case you need to refer to something in there again later. Encrypt it and save it somewhere on a USB stick or external drive.

To import the LastPass CSV file:

Is KeePassXC more secure than LastPass?

KeePassXC is a free open source password manager, which helps you to manage your passwords in a secure way. You can store all your passwords in one database, which is locked with a master key. Although both LastPass and KeePassXC have had vulnerabilities, fixes have been made and both managers are highly secure.

KeePassXC stores your passwords locally on your own computer or server, which I consider a more secure storage method than trusting someone else’s servers.

KeePassXC is open source, and the source code is available for your review.  Plugins may or may not be open source, and care should be used when using any third-party plugins.

Browser integration for KeePassXC is only available using plugins. There is Keepass2Android for cell phones and Keepass2Android Offline if you prefer zero calls to the internet.

Can you move KeePassXC from one computer to another?

The KeePassXC database (*.kdbx) consists of only one file, so it can be transferred or shared easily from one computer to another.

The database is just a file. You don’t need to export anything, just copy the file.

Use Syncthing, FreeFileSync, or something proprietary like Dropbox to automatically sync that single file to your different devices.

You could also store your .kdbx file on a self-hosted Nextcloud, ownCloud or Cozy Cloud instance, and the keyfile on an encrypted USB drive. Require a secure password and your keyfile to open it.
