Although the leading password managers are highly trustworthy, you still need to create occasional backups.
A password manager is essential to protecting your online accounts and services. It simply is not practical or efficient to create strong passwords and try to remember them, store store and access them safely without a password manager.
If you are using short passwords like the one appearing in this screenshot, you face serious risks.
here are two good reasons for backing up your password manager.
First, though unlikely, it is possible that your password manager vendor could experience an outage. If you are like I am, you rely heavily on your password manager to log into a lot of websites. You may even use different email addresses to connect to different kinds of sites.
If your vendor's service goes down, you won’t remember all your passwords. You might have to go through the Forgotten Password process gain access your favorite websites during the outage. Maybe you won’t be able to do even that if your email password is stuck in your unavailable password manager.
Tip: Keep your email login and password securely stored both in your password manager and another secure place.
Second, what if just *your* password manager account has a technical problem? You will still want to get at your passwords right away while the problem is resolved.
Backing up your logins and passwords from your password manager can protect you from possible vendor issues and from issues with your own account.
HOW TO BACK UP YOUR PASSWORD MANAGERHere I explain how to back up a few of the leading password manager services.
Most password managers give you at least these two options for backing up their contents:
- An unencrypted .CSV file that you can open with Excel, another spreadsheet app or any word processor.
- An encrypted file (typically .JSON) or "secure archive" that you can import into your password manager web account or application.
I recommend using the unencrypted .CSV file so that you won't be dependent on the availability of your password manager webpage or software to get at your passwords in an emergency. It is also a good idea to create the second type of file, but not essential.
Heads Up: Be very careful with your unencrypted password files! One option is to save them on a USB flash drive (a thumb drive) and store it in a very safe place. Doing so protects you from thieves who might break into your computer and steal your files.
Let's look at the methods for backing up a few of the leading password manager services.
LastPass may be the most widely used password manager. To back up your LastPass entries:
- Left-click on the browser extension in the upper right corner of your web browser. Typically it is a red box containing three white dots [...]
- Click on: Account Options / Advanced / Export / LastPass CSV File
- Choose a folder and save lastpass_export.csv
You now have a copy of all your logins, passwords, websites and other LastPass contents in *plain text*. This is a dangerous file in the wrong hands.
See the section, SAFELY STORING YOUR PASSWORD MANAGER BACKUPS, below.
For more instructions on LastPass backups, see: https://support.logmeininc.com/lastpass/help/export-your-passwords-and-secure-notes-lp040004
Dashline is another popular, market-leading password manager. I've never used it, but you can find the backup instructions here: https://support.dashlane.com/hc/en-us/articles/202625092-How-to-export-or-back-up-your-Dashlane-account
This popular, open source, free password manager is easy to back up from the desktop, mobile or web app:
- Select: Tools
- Select: Export Vault
- Choose a File Format: .json, .csv, .json (encrypted) - I recommend .CSV
- Enter your Bitwarden password and select Export Vault.
- Save the exported .CSV file to a folder. The file is named: bitwarden_export_[YearMonthDayHourMinuteSecond].csv
Also popular is the 1Password password manager. To export its contents, follow these instructions: https://support.1password.com/export/
SAFELY STORING YOUR PASSWORD MANAGER BACKUPS
I suggest two options for safely storing your password manager backup file:
A. Encrypt the file by saving it as an Excel file (.XLSX) with a strong password so that you may safely save it on your PC and a cloud account, or
B. Copy it onto a couple USB flash drives that you store in highly secure locations.
With either method, it is important to make two copies. Keep one onsite and one offsite.
For option A (Windows instructions):
- Open the .CSV file in Excel or another spreadsheet program.
- Click: File / Save As / Save as type: Excel Workbook
- DON'T CLICK "Save" yet!
- Choose a local folder where you can find this file again if needed.
- Click the button: Tools / General Options...
- In the box "Password to open:" enter your LastPass master password (or, if you are paranoid, a different strong password that you are sure to remember).
- Reenter the same password.
- Add a date to the name of the file, lastpass_export.xlsx, e.g., lastpass_export2021-08-31.xlsx
- NOW press Save.
- Right-click on the original file, lastpass_export.csv
- Hold down the Shift key and click Delete to permanently delete the file.
- Upload a copy of the file to a cloud storage account (Dropbox, Google Drive, OneDrive, etc.).
The local and cloud copies are encrypted, so they are safe from prying eyes.
Or, for option B:
- In Windows File Explorer or your file manager, rename lastpass_export.csv to include the date, e.g., lastpass_export2021-08-31.xlsx
- Copy the file to two USB flash drives.
- Right-click on the original file, lastpass_export.csv
- Hold down the Shift key and click Delete to permanently delete that file.
- Store one USB flash drive in secure location onsite and one offsite in a safe deposit box or other secure place.
Go through the backup steps at least once a quarter to protect your more recent passwords. If one day you try to open your password manager and, Oh no!, it won’t open, you will be relieved to have a backup.