Encrypted Exports
Vault data can be exported in an encrypted .json file
Account restricted: Export an encrypted file that can only be re-imported to the Bitwarden account or organization that generated the encrypted export file. This process utilizes the relative
accountor organization encryption key specific to the restricted export.Password protected: Export an encrypted file protected with a password of your choosing. This file can be decrypted with the password and can be imported to any Bitwarden account. The specified password is salted, used to derive an encryption key using
your configured KDF settings, and finally stretched with HDKF into a new encryption key, which encrypts your data, and message authentication code (MAC).
warning
Account restricted exports can not be imported to a different account. Additionally,
If you wish to import an encrypted .json file onto a different Bitwarden account, select the Password protected export type when creating an export.
Encrypted exports will include items like logins, cards, secure notes, and identities. An encrypted export of the following plaintext login item:
Bash{
...
"login": {
"username": "mylogin",
"password": "mypassword",
"totp": "otpauth://totp/my-secret-key"
},
...Will look something like:
Bash{
...
"login": {
"username": "9.dZwQ+b9Zasp98dnfp[g|dHZZ1p19783bn1KzkEsA=l52bcWB/w9unvCt2zE/kCwdpiubAOf104os}",
"password": "1o8y3oqsp8n8986HmW7qA=oiCZo872b3dbp0nzT/Pw=|A2lgso87bfDBCys049ano278ebdmTe4:",
"totp": "2CIUxtpo870B)*^GW2ta/xb0IYyepO(*&G(&BB84LZ5ByZxu0E9hTTs6PHg0=8q5DHEPU&bp9&*bns3EYgETXpiu9898sxO78l"
},
...Next steps
Create an encrypted export
as an individual user.Create an encrypted export
of your organization data.Re-import an encrypted export
as an individual user.Re-import an encrypted export
as an organization.