RankedRevFind the best. Skip the rest.
how to switch password managers
Back to Blog

How to Switch Password Managers Without Losing Anything

Step-by-step guide to exporting, importing, and verifying your passwords when switching managers — plus the gotchas most guides skip.

password managermigrationhow tosecurity
Rachel Foster
Rachel Foster
Updated 17-Feb-26

Switching Is Easier Than You Think: If You Do It in Order

The most common reason people stay with a password manager they dislike is the fear that switching will be complicated, risky, or result in lost credentials. I understand that fear. Your password vault contains the keys to your entire digital life, and the idea of moving hundreds of logins from one system to another sounds like an invitation for disaster.

But here is the truth: every major password manager supports import and export in standard formats, and the actual migration takes about 30 minutes for most people. The gotchas are real but avoidable if you know where they are. This guide walks through the process step by step, covering the edge cases that trip people up, 2FA tokens, passkeys, shared vaults, and secure notes. For help choosing your new password manager, see our best password managers category page or our buying guide.

Before You Start: Preparation Checklist

Do not export anything yet. First, take care of these housekeeping steps.

Update your old vault. Log into your current password manager and review your stored credentials. Delete accounts for services you no longer use. Update any passwords that you know are outdated. This is spring cleaning, and doing it before the migration means you only transfer credentials that matter.

Identify your 2FA tokens. If your current password manager stores TOTP codes (the six-digit rotating codes for two-factor authentication), make a list of which accounts use them. These do not always transfer cleanly, and you will need a plan for each one.

Check for secure notes and attachments. Many people store things beyond passwords, credit card numbers, software license keys, Wi-Fi passwords, insurance policy numbers, or scanned documents. Make sure you know what is in your vault so you can verify everything transferred.

Set up your new password manager first. Create your account, install the apps on all your devices, and set up the browser extensions. Make sure everything is working before you start importing. You want a fully functional destination before you begin moving.

Step 1: Export from Your Current Password Manager

Every major password manager lets you export your vault as a CSV or JSON file. The exact steps vary by provider, but the general process is the same.

1Password: Go to File > Export > select the vault > choose CSV or 1PUX format. The 1PUX format preserves more metadata if you are moving to another 1Password account.

Bitwarden: Go to Tools > Export Vault > choose CSV or JSON. JSON preserves folder structure and custom fields better than CSV.

Dashlane: Go to Settings > Export Data > choose CSV. Dashlane's export includes passwords, secure notes, and personal info in separate sections.

Keeper: Go to Settings > Export > choose CSV or JSON. Note that file attachments are not included in exports and need to be downloaded manually.

LastPass: Go to Account Settings > Advanced > Export. LastPass exports as CSV, which is compatible with every import tool.

Chrome/Safari/Firefox: All major browsers allow password export from their settings. Search for "passwords" in your browser settings and look for the export option.

Critical security note: The exported file contains all your passwords in plaintext. This is an unencrypted file sitting on your computer. Do not email it, do not upload it to cloud storage, and do not leave it on your desktop. Export it, import it into your new manager, and then securely delete it. On Mac, empty the Trash after deletion. On Windows, use Shift+Delete or empty the Recycle Bin.

Step 2: Import into Your New Password Manager

Open your new password manager and find the import function. It is usually under Settings or Tools.

Most managers auto-detect the format when you upload the file. If you are asked to specify the source, choose the name of your old password manager from the list. CSV imports are nearly universal, if your new manager does not have a specific import option for your old one, CSV will work.

What to watch for during import:

  • Duplicate detection. Some managers flag duplicates, others do not. After importing, search for common accounts (Google, Amazon, Netflix) and make sure you do not have two entries for the same site.
  • Folder and tag structure. CSV exports often flatten your organizational structure. If you had folders or tags in your old manager, you may need to recreate them manually after import.
  • Special characters. Passwords containing commas, quotes, or line breaks can sometimes break CSV parsing. If your import seems incomplete, check whether any passwords with special characters were dropped.

Step 3: Verify the Migration

This is the step most guides skip and the one that matters most.

Spot-check critical accounts. Log out of and back into your five most important accounts, email, banking, primary social media, cloud storage, and your employer's systems, using the credentials from your new password manager. Confirm that the autofill works and the passwords are correct.

Check the count. Compare the number of entries in your new vault to the number in your old one. If the numbers do not match, investigate what was missed.

Test 2FA codes. If you transferred TOTP tokens, verify that the codes from your new manager match the codes from your old one. Open both side by side and confirm they generate the same six-digit code at the same time. If they do not match, the token transfer failed for that account and you will need to re-enroll.

Verify secure notes and attachments. Open each secure note and confirm the content transferred correctly. Check that file attachments are accessible and intact.

Step 4: Handle the Gotchas

2FA Tokens (TOTP Codes)

TOTP codes are the most common migration headache. Some password managers export them as part of the vault data, others do not. If your TOTP codes did not transfer:

  1. Log into the affected service using your password (which should have transferred).
  2. Go to the service's security settings and disable two-factor authentication.
  3. Re-enable two-factor authentication, this time scanning the QR code with your new password manager.

This is tedious but straightforward. Budget about two minutes per account.

Passkeys

Passkeys are trickier because the standard for passkey portability is still evolving. As of early 2026, most passkeys are bound to the platform or password manager that created them. If you created passkeys in 1Password, they can export with your vault data. If you created them in iCloud Keychain or your browser, they may not transfer.

For any passkey that does not transfer, log into the service, delete the old passkey, and create a new one using your new password manager. The service still has your password as a fallback, so you will not be locked out.

Shared Vaults and Family Plans

If you shared passwords with family members or teammates through your old manager, those shared items need to be handled separately. Export your personal vault first. Then, in your new manager, set up shared vaults or folders and re-share the relevant credentials with the same people.

Make sure everyone in the shared vault has migrated before you delete the old shared vault. One person left behind means lost access for them.

Secure Notes and Files

Secure notes usually transfer via CSV or JSON export. File attachments (PDFs, images, documents) often do not. Check your old vault for any stored files and download them manually before canceling your old subscription.

Step 5: Clean Up and Delete Old Data

Once you have verified that everything transferred successfully and you have been using the new manager for at least a week without issues:

  1. Revoke sessions in your old manager. Log into the old manager's web vault, go to settings, and sign out all devices.
  2. Delete your vault. Most password managers have an option to permanently delete your account and all stored data. Use it.
  3. Delete the export file. If you have not already, permanently delete the CSV/JSON file you exported. Check your Downloads folder, Desktop, and Trash/Recycle Bin.
  4. Cancel the subscription. If your old manager was paid, cancel the subscription to avoid ongoing charges.

Do not rush this step. Keep your old manager active for at least one to two weeks after migration as a safety net. If you discover that a credential did not transfer, you will be glad the old vault still exists.

How Long Does This Actually Take?

For a vault with 100-200 passwords, no 2FA tokens, and no passkeys: about 20 minutes.

For a vault with 200+ passwords, TOTP codes on a dozen accounts, and a few shared vaults: about one to two hours, mostly spent re-enrolling 2FA tokens.

For an enterprise migration with shared team vaults, compliance requirements, and hundreds of users: that is a project, not a task. Contact your new provider's enterprise team for assisted migration.

Either way, it is a one-time cost for a tool you will use every day. Worth it.

Frequently Asked Questions

Will I be locked out of any accounts during the switch?

No, as long as you follow the verify step before deleting your old vault. Both password managers can coexist on your devices during the transition. Keep the old one installed until you have confirmed that every credential in the new manager works correctly.

Can I import from a browser password manager into a dedicated one?

Yes. Chrome, Safari, and Firefox all allow you to export saved passwords as CSV files, and every major dedicated password manager supports importing from these formats. This is actually the most common migration path, moving from a browser to a dedicated manager.

What if my new password manager does not import from my old one directly?

Use CSV as a universal bridge. Export from your old manager as CSV, then import that CSV into your new one. Every major password manager supports both CSV export and CSV import. The organizational structure (folders, tags) may not transfer, but the credentials themselves will.

Should I change all my passwords after switching?

It is not strictly necessary, but a migration is an excellent opportunity to do it. Your new password manager can generate unique, strong passwords for each account. Work through your vault over the next few weeks, updating the weakest and most critical passwords first, email, banking, and anything that still uses an old or reused password.

You Might Also Like

password managerfreesecurity

Free vs Paid Password Managers: What You Actually Get

Rachel FosterRachel Foster
03-Mar-267 min read
password managersecurityprivacy

Best Password Managers in 2026

Rachel FosterRachel Foster
02-Mar-2612 min read
portable power stationsizingwatts

How to Size a Portable Power Station for Your Needs

James MitchellJames Mitchell
28-Feb-265 min read