Advertisements

Posts Tagged KeePass

Migrating password data from 1Password to KeePass

I’m compelled to write this because I migrated some password data from 1Password to KeePass and it wasn’t as straightforward as it should have been, and the KeePass 1Password importer didn’t work for me.

Mind you, this will only migrate data from your Logins, not Wallet, Accounts, Software, Secure Notes, Identities, or Generated Passwords. You’ll have to move this data over manually.

So, here goes. This was done with 1Password 1.0.9.305 and KeePass 2.20.1.

Open 1Password and unlock your database.

Click File > Export, and export All Logins as Tab-delimited text.

Save your exported file somewhere where you’ll be able to find it.

Now open KeepPass and create a new database (File > New…)

After creating your database, click File > Import.

Select Generic CSV Importer, and select the file you exported previously, then click Ok.

On the importer screen, click the Structure tab and change only the settings as follows:

Under Syntax

Change Field Seperator to {Tab}

Check Ignore First Row

Under Semantics

Move the fields in the following order:

  • Title
  • Notes
  • User Name
  • Password
  • URL

Here’s a screenshot as a visual aid:

1p_kp_csv

You can click the Preview tab to verify things are in order.

Click Finish, and your items will be imported under the main group (which was called NewDatabase in my case).

Comments are welcome below. Thanks for reading!

Advertisements

,

Leave a comment

Why good password practices are no longer optional — Part 2

In part 1 of this two-part series, I mentioned some of the fallacies and misconceptions in password practices. If you haven’t read it, I suggest you click here to read it now. In this part I’ll discuss a few methods for storing and securing your strong passwords themselves. It’s not as hard as it sounds, and there are lots of ways to do it. I’ll describe a few different approaches below and a few pros and cons of each one:

Paper and pencil (or pen)

I’m taking it back to the basics here. Write down your passwords in an address book, rolodex, or other suitable organizational booklet. However, don’t store this near your computer. There are some simple solutions that can help you think of — and remember — complex passwords, such as this idea from IdeaShower.com.

ProsHelps you keep organized track of username/password and security question/answer combinations easily and inexpensively. Durable and long-lasting.

ConsCan be easily compromised. Someone who knows where your password book is can still gain access to your accounts.

A simple text file, Spreadsheet, or Database

This is one step beyond the paper  method above. Storing your passwords in a simple database can do the same as above, as well as keeping it quickly sortable and searchable. However, if someone gains access to your computer or hard drive, it can be compromised. A few examples of this are a text file, an Excel spreadsheet, or an Access database.

ProsEasier to organize, search, and update than a paper file.

ConsCan be compromised if unauthorized access to your computer occurs, such as through a trojan or virus. Can be lost, corrupted, or become outdated if backups are not made and maintained.

An encrypted text file, Spreadsheet, Database, or specialized software

An encrypted database can offer you the same ease-of-use of the electronic storage method, while providing an extra layer of protection in case someone gains access to your computer’s data. There are several software programs which are designed for encrypted password storage, such as KeePass1PasswordPassword Safe, or the Firefox extension Password Hasher (though it’s not clear if it stores its password in encrypted databases or not). Though some of these can be pricey, the peace of mind and organization they provide is often times priceless.

ProsMany of the same advantages as simple file storage while providing an additional layer of security against unauthorized access. Free software programs are available. Specialized software can also assist in generating strong passwords.

ConsJust as the encryption protects against unauthorized access, you can lose access to your database if you forget the password. Store it securely. Non-free software can be pricey.

Cloud-based, encrypted password storage

Cloud-based password storage attempts to combine the best of encrypted storage as well as worry-free backup and syncing across all your devices. Keep in mind when choosing cloud-based storage that you’re placing your trust in the availability and security of the provider. Make sure that if you choose a provider that you carefully review their encryption choices and availability of an optional 2-factor authentication method.

My personal favorite in this category is LastPass. LastPass is free to use the website and browser extension, and they offer a premium subscription which allows you to access your password vault from a mobile device for $12 per year. LastPass also includes support for 2-factor authentication via a YubiKey or Google Authenticator.

(Disclaimer: I am a LastPass premium subscriber; I have not sought nor are they offering me any compensation for mentioning them in this post.)

ProsConvenient browser-based or browser extension for access and syncing of your passwords. Can auto-fill on websites. No need to worry about backing up your password file or losing it.

Cons: If your provider is compromised or goes down you could lose access to your stored passwords.

Do you have any methods of generating, storing, or securing passwords not listed above, or anything else that wasn’t covered in the above article? Please feel free to share in the comments below. Thank you!

, ,

Leave a comment