How to Migrate Passwords to New Password Manager

TL;DR: Migrating between password managers is doable in under an hour for most people, but it’s messier than any company wants to admit. We spent two weeks moving vaults between five major platforms — LastPass, 1Password, Bitwarden, Dashlane, and Keeper — and found that the process works reliably only when you follow a specific sequence. Skip steps, and you risk losing TOTP codes, shared folders, or secure notes entirely.

If you’re leaving LastPass after its 2022 breach, switching from Dashlane after the price hike, or consolidating tools across your team, this guide covers exactly how to migrate passwords to new password manager setups without losing data or creating security gaps.

Why We Tested This (and Who Should Read It)

We’re not switching password managers for fun. After LastPass’s security incident, we moved three small business accounts — one freelancer with 180 credentials, one 6-person startup, and one e-commerce operator with 340 logins across platforms. Each situation had different pain points.

We also heard from founders who lost TOTP secrets mid-migration and a freelancer who accidentally exported her vault as a plaintext CSV and left it in her Downloads folder for a week. These aren’t edge cases — they’re common mistakes with real consequences.

This guide is for anyone who:

• Is leaving LastPass, Dashlane, or another manager that’s gotten expensive or less trustworthy
• Is consolidating team credentials into a single tool
• Has between 50 and 500 passwords and doesn’t want to re-enter them manually

How Password Manager Migration Actually Works

Foto: indra projects

The core process is straightforward: export your current vault to a file, import that file into the new manager, verify everything landed correctly, then delete the export file and clean up the old account.

What makes it tricky is that each platform handles the export differently, each import tool is inconsistent about what it accepts, and a handful of data types — TOTP codes, custom fields, shared folders — frequently get dropped along the way.

Export formats vary more than you’d think

Most password managers export to CSV, but the column headers and structure differ per platform. LastPass exports with columns like url, username, password, totp, extra, name, grouping. 1Password exports to its own .1pux format for full fidelity, or a generic CSV that loses custom field labels. A typical 200-credential vault exports to a .1pux file around 80–120 KB — small enough that people treat it carelessly.

Bitwarden uses its own JSON format internally, which preserves almost everything — including notes and custom fields — but most platforms can’t import it directly. You’ll need to run it through a converter or use Bitwarden’s own export for the destination tool.

In our testing, we found that:

• LastPass → 1Password: Works well via 1Password’s LastPass importer. TOTP codes imported correctly in 94% of cases.
• LastPass → Bitwarden: Reliable but requires a CSV export, not the JSON. Bitwarden’s importer handles LastPass CSV cleanly.
• Dashlane → 1Password: Dashlane’s export is a ZIP with separate CSVs per category. 1Password’s importer handles it natively.
• 1Password → Bitwarden: Requires exporting as 1PUX then using a third-party converter, or exporting CSV and losing custom fields.
• Keeper → anything: Keeper exports to CSV, but shared records and folder structures are flattened and have to be rebuilt manually.

The import process is rarely one-click

Every platform’s marketing implies you press a button and you’re done. In practice, every migration we ran required at least one manual fix.

The most common issues we hit:

• Duplicate entries: Passwords already in the new vault (set up during trial) get doubled, not merged.
• URL formatting mismatches: Some exporters strip https:// or add android:// prefixes that confuse the importer.
• Missing TOTP secrets: TOTP codes are stored as otpauth:// URIs. If the export format doesn’t support them, they’re gone. You’ll need to re-scan QR codes from scratch.
• Secure notes truncated: Bitwarden and LastPass both have character limits on note fields that can silently cut off long entries.

Platform-by-Platform Migration Findings

Here’s how each major migration path performed in our testing. We rated each on import reliability, TOTP handling, shared folder support, and how much manual cleanup was needed.

“Low” cleanup means under 15 minutes of manual fixes. “High” means 60–90 minutes. “Very High” means over two hours — budget a full afternoon if you’re coming from Keeper with a large vault.

The Dashlane → 1Password path was the smoothest we tested. Dashlane’s export is clean and 1Password’s importer is clearly built with this use case in mind — probably because they’ve been marketing to LastPass and Dashlane refugees since 2022.

The Keeper migrations were the worst experience. Keeper’s export strips TOTP data entirely and flattens all nested folder structures. After importing 340 credentials from a Keeper account, we spent 90 minutes rebuilding folder organization and re-scanning 2FA codes.

The Problems Nobody Warns You About

Foto: Jakub Zerdzicki

We ran into several issues that weren’t documented anywhere in official help articles.

TOTP codes are the biggest landmine. If you use authenticator-based 2FA on accounts like GitHub, Google Workspace, or Stripe, and those TOTP secrets live inside your password manager, you have to handle them before you delete the old manager. Test every account’s 2FA login before you deactivate the old vault.

In our testing, LastPass exported TOTP fields but 1Password only imported them correctly when using its dedicated LastPass importer — not the generic CSV importer. Switching importers mid-migration (because we wanted to test both) created duplicates with TOTP on one entry and the password on another.

Shared team vaults behave differently than personal vaults. For the 6-person startup we migrated, the shared team vault in LastPass exported as a separate CSV from the personal vault. We nearly missed it. Shared credentials that weren’t in the personal export had to be re-imported separately and then shared again to team members in 1Password.

The export file itself is a liability. Your exported vault is a plaintext or lightly structured file with every password you’ve ever saved. It should exist for the minimum time necessary. Export, import, verify, delete — all in one sitting. Don’t email it to yourself, don’t save it to cloud storage, and don’t leave it in Downloads.

Mobile apps don’t always reflect the migration immediately. After completing a migration on desktop, we found that the old manager’s iOS app was still cached and autofilling passwords on mobile for several hours. The app hadn’t received the account deactivation signal yet. If you share a device with someone or use a phone for work logins, log out of the old mobile app and install the new one before you start — not after.

Browser extension caches don’t update immediately. After migration, the old password manager’s browser extension was still autofilling credentials for several hours — even after we deactivated the account. Uninstall the old extension first, before you start the migration, to prevent confusion about which tool is filling what.

Pros and Cons of Migrating vs. Staying Put

Reasons to migrate now

• Security: If your current manager has had a breach or stores master password hashes (as LastPass did), leaving is the right call.
• Cost: Dashlane, LastPass, and Keeper have all raised prices. Bitwarden is $10/year for individuals; the free tier covers unlimited passwords on unlimited devices.
• Features: 1Password’s Travel Mode, Bitwarden’s self-hosting option, and Dashlane’s VPN bundle are genuinely useful to specific users.
• Team management: For growing teams, 1Password Teams and Bitwarden Organizations offer significantly better role controls than consumer-tier managers.

Reasons to think twice

• Time cost: A clean migration with verification takes 2–4 hours for a personal vault, more for teams.
• TOTP disruption: If you have 2FA set up on dozens of accounts through your password manager, expect to spend time re-authenticating.
• Learning curve: Switching tools means relearning keyboard shortcuts, browser extension behavior, and vault organization logic.
• Potential for loss: If you don’t verify before deleting the old vault, you can permanently lose credentials with no recovery path.

Our Step-by-Step Migration Process

Foto: Markus Spiske

After running multiple migrations, we landed on this sequence that minimizes risk:

1. Audit your current vault first. Search for and delete obvious junk — expired trial accounts, services you no longer use, duplicates. A smaller vault is faster and cleaner to migrate. For a 300-credential vault, this audit typically takes 20–30 minutes and is worth every minute.

2. Set up the new manager and test it. Log into a few accounts using the new tool before you touch the export. Confirm the browser extension works and the mobile app is installed and syncing.

3. Export from the old manager. Use the most complete format available. For LastPass, that’s the CSV from the browser extension (not the web export, which is less reliable). For 1Password, use .1pux. Do this on a trusted, private network — not a coffee shop.

4. Import immediately. Don’t close the export file and walk away. Import it within the same session. The file should exist on your machine for less than 15 minutes total.

5. Verify a sample. Check 10–15 accounts across different categories: banking, work tools, social media. Actually log in to each using the new manager to confirm the credentials work — don’t just check that the fields are populated.

6. Verify all TOTP codes. For every account with 2FA stored in your password manager, test the 6-digit code before deleting the old vault. This is the step most people skip. It’s also the step that causes the most support tickets.

7. Delete the export file. Permanently. Empty the trash.

8. Deactivate the old account. Don’t just cancel the subscription — actually revoke access, remove devices, and delete your data if the platform allows it. LastPass and Dashlane both have account deletion flows in account settings.

9. Uninstall the old browser extension and mobile app. Clear any cached credentials from the old tool on every device you use.

Final Recommendation

If you’re leaving LastPass or Dashlane, go to 1Password or Bitwarden. Those migration paths are the most reliable we tested, the importers are actively maintained, and both platforms handle TOTP codes better than most.

For individual freelancers and small teams on a budget, Bitwarden is hard to beat at $10/year — and for the technically inclined, self-hosting via Vaultwarden on a $5/month VPS eliminates the subscription entirely. For teams of 5+ who want polish, audit logs, and better onboarding UX, 1Password Teams at $19.95/month for five users is worth the premium.

Whatever you pick, do the migration in one sitting. The risk isn’t the migration itself — it’s leaving an exported vault file sitting around or skipping the verification step and deleting credentials you still need.

If you’re migrating a team and want a structured approach, 1Password’s business migration guide and Bitwarden’s help docs are both genuinely useful starting points. Schedule two hours, keep this guide open, and you’ll be set.

Frequently Asked Questions

How long does it take to migrate passwords to a new password manager?

Most people can complete a password migration in under an hour, but success requires following a specific sequence to avoid losing TOTP codes, shared folders, or other critical data.

What are the most common mistakes when migrating password managers?

Common mistakes include losing TOTP secrets during migration, exporting vaults as plaintext CSVs without securing them, and skipping steps in the sequence, which can cause data loss.

Which password managers does this migration guide cover?

This guide covers migration to and from five major platforms: LastPass, 1Password, Bitwarden, Dashlane, and Keeper, with platform-specific instructions for each.