PersonalBusinessDownloadPricingHelpBlogContact
Get Started
Log In
PersonalBusinessDownloadPricingHelpBlogContactBusiness SalesGet StartedLog In

Encrypted Exports

Vault data can be exported in an encrypted JSON file. In most Bitwarden apps, these exports are encrypted using your account's encryption key, which are generated on account creation and unique to each Bitwarden user account. The CLI has a unique option to encrypt the file with a specified password.

warning

Rotating your account's encryption key will render an encrypted export impossible to decrypt. If you rotate your account encryption key, replace any old files with new one that use the new encryption key.

Account encryption keys are unique to each Bitwarden user account, so you won't be able to import an encrypted export into a different account.

Encrypted exports will include all vault data, including logins, cards, secure notes, and identities. An encrypted export of the following plaintext login item:

{
      ...
      "login": {
        "username": "mylogin",
        "password": "mypassword",
        "totp": "otpauth://totp/my-secret-key"
      },
      ...

Will look something like:

{
      ...
      "login": {
        "username": "9.dZwQ+b9Zasp98dnfp[g|dHZZ1p19783bn1KzkEsA=l52bcWB/w9unvCt2zE/kCwdpiubAOf104os}",
        "password": "1o8y3oqsp8n8986HmW7qA=oiCZo872b3dbp0nzT/Pw=|A2lgso87bfDBCys049ano278ebdmTe4:",
        "totp": "2CIUxtpo870B)*^GW2ta/xb0IYyepO(*&G(&BB84LZ5ByZxu0E9hTTs6PHg0=8q5DHEPU&bp9&*bns3EYgETXpiu9898sxO78l"
      },
      ...

Create an encrypted export

Creating an encrypted export follows the normal export procedure. When prompted for File Format, select .json (Encrypted):

To export your individual vault data from the web vault:

  1. Select Tools from the top navigation bar.

  2. Select Export Vault from the tools menu.

  3. On the vault export page, choose a File Format (.json, .csv, or .json (Encrypted)).

    tip

    If you need to import this data into a new Bitwarden account, choose the regular .json format (not .json (Encrypted)).

  4. Enter your master password and select the Export Vault button.

To export your individual vault data from a browser extension:

  1. Open the Settings tab.

  2. Scroll down to the Tools section and select the Export vault option.

  3. On the export vault view, choose a File Format (.json, .csv, or .json (Encrypted)).

    tip

    If you need to import this data into a new Bitwarden account, choose the regular .json format (not .json (Encrypted)).

  4. Enter your master password and select Submit.

note

If you are exporting from Vivaldi, you may need to pop-out the browser extension for export to work properly:

Popout a Browser Extension
Popout a Browser Extension

To export your individual vault data from a desktop app:

  1. From the menu bar, navigate to FileExport vault.

  2. In the export vault window, choose a File Format (.json, .csv, or .json (Encryped)).

    tip

    If you need to import this data into a new Bitwarden account, choose the regular .json format (not .json (Encrypted)).

  3. Enter your master password and select the Download button.

To export your individual vault data from a mobile app:

  1. Tap the Settings tab.

  2. Scroll down to the Tools section and tap the Export Vault option.

  3. On the export vault view, choose a File Format (.json, .csv, or .json (Encrypted)).

    tip

    If you need to import this data into a new Bitwarden account, choose the regular .json format (not .json (Encrypted)).

  4. Enter your master password and select the Export vault button.

To export your individual vault data from the CLI, use the export command. By default, export will export your vault as a .csv and save the file to the working directory, however this behavior can be altered using options:

bw export --output /users/me/documents/ --format json --password mYP@ssw0rd

The --password option can be used to specify a password to use to encrypt encrypted_json exports instead of your account encryption key.

For more detail, please see review the Bitwarden CLI documentation.

Import an encrypted export

Importing an encrypted export follows the normal import procedure. When prompted for File Format, select .json:

tip

There is no import option specifically for encrypted exports. A handler will determine that the .json file is encrypted and attempt to decrypt the file using your account's encryption key.

To import data to your vault:

  1. Log in to the web vault at https://vault.bitwarden.com, or https://your.bitwarden.domain.com if self-hosting.

  2. Select Tools from the top navigation bar.

  3. Select Import Data from the tools menu.

  4. From the format dropdown, choose a file format.

  5. Select Choose File and add the file to import or copy/paste the contents of your file into the input box.

    warning

    Importing does not check whether items in the file to import already exist in your vault. If you import multiple files or import files with items already in your vault, this will create duplicates.

  6. Select Import Data to trigger the import.

  7. After successful import, delete the import source file from your computer. This will protect you in the event your computer is compromised.

File attachments will need to be manually uploaded to your vault.

To import data to your vault from the CLI, use the following command:

bw import <format> <path>

bw import requires a format (use bw import --formats to retrieve a list of formats) and a path, for example:

bw import lastpasscsv /Users/myaccount/Documents/mydata.csv

After successful import, delete the import source file from your computer. This will protect you in the event your computer is compromised.


Language

Products

Resources

  • Resource Center
  • Community Forums
  • Security Compliance
  • Success Stories
  • User Reviews
  • Newsfeed
  • Subscribe to Updates
©2022 Bitwarden, Inc.
Terms Privacy Sitemap