Posts Tagged LastPass

Migrating password data from LastPass to 1Password

This explains a fairly simple way to migrate your LastPass data to 1Password using Windows.

First, open your LastPass vault by going to https://lastpass.com and logging in.

Next, under the Actions column on the left, click Export.

For the next part, you’ll have to save the decrypted data to a CSV file. I was using Chrome when I did this, but I’m certain the instructions for any other browser aren’t too much more difficult.

When your decrypted LastPass vault data appears, click the wrench icon and choose ‘Save Page As…

In the file prompt that appears, name the file something you can remember and give it an extension of .CSV. For example, lastpass.csv

NOTE: Your exported CSV contains ALL your LastPass vault data in PLAIN TEXT.

Now, open 1Password and import your LastPass data as follows:

From within 1Password, select File > Import and select the CSV file you just exported from LastPass.

On the Select Columns screen, map the fields as follows:

  • Title -> name
  • username -> username
  • password -> password
  • location -> url
  • description -> extra

Click OK, then click “Yes to all” on the next screen.

After a few moments your password data should be loaded into 1Password.

Note: Your LastPass secure notes will import with ‘sn’ in the location field.

, , ,

Leave a comment

Why good password practices are no longer optional — Part 2

In part 1 of this two-part series, I mentioned some of the fallacies and misconceptions in password practices. If you haven’t read it, I suggest you click here to read it now. In this part I’ll discuss a few methods for storing and securing your strong passwords themselves. It’s not as hard as it sounds, and there are lots of ways to do it. I’ll describe a few different approaches below and a few pros and cons of each one:

Paper and pencil (or pen)

I’m taking it back to the basics here. Write down your passwords in an address book, rolodex, or other suitable organizational booklet. However, don’t store this near your computer. There are some simple solutions that can help you think of — and remember — complex passwords, such as this idea from IdeaShower.com.

ProsHelps you keep organized track of username/password and security question/answer combinations easily and inexpensively. Durable and long-lasting.

ConsCan be easily compromised. Someone who knows where your password book is can still gain access to your accounts.

A simple text file, Spreadsheet, or Database

This is one step beyond the paper  method above. Storing your passwords in a simple database can do the same as above, as well as keeping it quickly sortable and searchable. However, if someone gains access to your computer or hard drive, it can be compromised. A few examples of this are a text file, an Excel spreadsheet, or an Access database.

ProsEasier to organize, search, and update than a paper file.

ConsCan be compromised if unauthorized access to your computer occurs, such as through a trojan or virus. Can be lost, corrupted, or become outdated if backups are not made and maintained.

An encrypted text file, Spreadsheet, Database, or specialized software

An encrypted database can offer you the same ease-of-use of the electronic storage method, while providing an extra layer of protection in case someone gains access to your computer’s data. There are several software programs which are designed for encrypted password storage, such as KeePass1PasswordPassword Safe, or the Firefox extension Password Hasher (though it’s not clear if it stores its password in encrypted databases or not). Though some of these can be pricey, the peace of mind and organization they provide is often times priceless.

ProsMany of the same advantages as simple file storage while providing an additional layer of security against unauthorized access. Free software programs are available. Specialized software can also assist in generating strong passwords.

ConsJust as the encryption protects against unauthorized access, you can lose access to your database if you forget the password. Store it securely. Non-free software can be pricey.

Cloud-based, encrypted password storage

Cloud-based password storage attempts to combine the best of encrypted storage as well as worry-free backup and syncing across all your devices. Keep in mind when choosing cloud-based storage that you’re placing your trust in the availability and security of the provider. Make sure that if you choose a provider that you carefully review their encryption choices and availability of an optional 2-factor authentication method.

My personal favorite in this category is LastPass. LastPass is free to use the website and browser extension, and they offer a premium subscription which allows you to access your password vault from a mobile device for $12 per year. LastPass also includes support for 2-factor authentication via a YubiKey or Google Authenticator.

(Disclaimer: I am a LastPass premium subscriber; I have not sought nor are they offering me any compensation for mentioning them in this post.)

ProsConvenient browser-based or browser extension for access and syncing of your passwords. Can auto-fill on websites. No need to worry about backing up your password file or losing it.

Cons: If your provider is compromised or goes down you could lose access to your stored passwords.

Do you have any methods of generating, storing, or securing passwords not listed above, or anything else that wasn’t covered in the above article? Please feel free to share in the comments below. Thank you!

, ,

Leave a comment