Skip to main content

Jonas Voss

Migrating from LastPass to KeePass

4 min read

I've been a LastPass Premium user for a couple of years, and I've really enjoyed it. It's a good product, very user-friendly, and the apps are well-done. I've been wanting to switch to another password manager for a while, due to security concerns. Plenty of compromised cloud companies out there, and LastPass might as well be next.

Over the last few days, lastpass has been down, or running a suboptimal service for many users, including myself, and since my last attempt at renewing my LastPass Premium subscription was declined by my bank for some reason, I figured now was as good a time as any, to make a move to something else. 

I've dabbled a bit with Master Password App, which is a stateless password manager. I really like the idea, but then what do I do with all the logins and secure notes I already have stored in my lastpass vault? I don't see a simple way of storing those in Master Password. My alternative then was down to a stateful password manager, and here's where KeePass comes in. KeePass is an open-source password manager from the 00s. Initially for Windows, but ported to a staggering variety of platforms, most likely including the one you are reading this on. It saves its content in an encrypted database, which you can then stick on a server, and get access to it through as many apps as you like.

Getting your vault out of LastPass

I wanted to export my Lastpass vault, and import it into some form of Keepass port. Here are the steps I followed:

  1. Logged into Lastpass on the web, clicked on "More options" and selected "Export"
  2. Saving the resulting page doesn't help you at all, so you have to select the content of your now unencrypted lastpass vault, and paste it into a text file (any empty document in an editor will do)
  3. Save that text file and give it the extension .csv

Getting your vault into KeePass

The next step was to get my LastPass csv-vault into a KeePass database format. It turned out finding an app that supports direct import of plain csv-files was not so easy (most required XML files), but in the end I managed to find one called KeePassXC which accepts csv-files. Handy. Alternatively, if you can't find one that will import csv-files on your platform, you can use lastpass2keepass.py to convert the .csv-file to XML, which will then hopefully work for you.

Once imported, you will have a kdbx-file, which is the encrypted KeePass database, and somewhere along the process you have to create a password for the database-file. Think of it as your master password from LastPass, the one password that gives you access to your vault. Need help picking a good password?

Putting your file where all your apps can access it

Obviously you can keep the file on your local device, being laptop or phone or wherever you'd like it to be, but the real value from password managers are when they are available to you whenever you need them, which means to stick them somewhere on the internet. The benefit of Keepass is that you can stick it on a bunch of different services. Dropbox and Google Drive seems to be the most commonly used, but if you have one, you can also host the database file on your own server, and access it via sftp. You simply upload the database file to a place on your server, and it's then dependent on the app you use, if it supports sftp.

Mobile and web apps and Chrome browser extension

I'm mainly an Android and ChromeOS user, and for Android there's a number of options. I ended up going with KeePass2Android Password, and that does the job for me. If you need access to the file from a computer that is not your own, you can use KeeWeb, and point that to where your file lives (easiest if you have it on Dropbox or Google Drive).

For Chrome (and thus ChromeOS), there's an extension called CKP - which provides you with readonly KeePass password database integration for Chrome. You simply point it to your file, type in your master password, and you are away. 

An IndieWeb Webring 🕸💍

Jonas Voss