Import Passwords from KeePass into Passwordstate

Recently, we have been getting more and more requests from new Passwordstate customers asking how to import their data from KeePass. Because of these requests, we’ve now created a Powershell script which can be used in conjunction with our API. Our goal with this is to not only import the passwords from KeePass, but to also replicate the structure of the KeePass Groups in Passwordstate.

For customers not familiar with Passwordstate, the equivalent of a “Group” in KeePass is a “Password List” in Passwordstate. We also have the concept of “Folders” which allow you to logically group Password Lists together. If you follow the process below, it will create a Folder called KeePass Import in the root of Passwords Home, and will contain one Password List for every Group you have in KeePass. It will then import the relevant passwords inside each Password List.

We highly recommend taking a backup of your Passwordstate database prior to performing this import.  You can either use the automatic backup feature within Passwordstate, or possibly use SQL Management Studio Tools instead.

Exporting from KeePass in the Correct Format:

If you would like to migrate your passwords from KeePass to Passwordstate, you will need to export them as a csv file, which Passwordstate reads correctly.  The best version of KeePass to do this in is the Classic version and must be at least Version 1.31.  The Classic version has better options when exporting, allowing you to select which attributes of your passwords you would like to insert into the csv file.  If you are using KeePass Professional, you will need to transfer all of your passwords to the Classic version.  To do this:

  1. Open KeePass Professional and click File -> Export
  2. Select KeePass KDB (1.x)
  3. Select a place on your local disk to save the export to, and click OK
  4. If you get an error saying “This file format does not support root groups” click Close
  5. Open KeePass Classic
  6. Click File -> Import -> KeePass Database…
  7. Open the .kdb file you generated in the export process above
  8. Enter in the Master Password for your exported database and click OK
  9. Click File -> Export -> CSV File…
  10. Save the .csv to somewhere local like D:\KeePass-Import\Passwords.csv
  11. Under the fields to export, ensure you also tick “Group” and click OK

**Important** Once you have exported this .csv file, DO NOT modify and save in Excel in any way.  This can make the .csv file unreadable for the purpose of this exercise.

Preparing Passwordstate for the import

1. In Passwordstate, under the Passwords menu, create a new Password List Template.  This process will be copying the settings and permissions from this template when setting up your data.

2. On the Template, ensure you deselect the “Prevent saving of Password Record is ‘Bad’ password is detected“:

3. Also on the same Template, ensure you select the URL field as follows, and save it:

4. Apply appropriate permissions to the template via the Actions Menu.  Any user you give access to on this screen will get access to all passwords you import from KeePass.  If need be, you can easily modify permissions after you’ve completed this import process:

5. Press the Toggle ID Column Visibility and take note of the TemplateID:

6. Download the Import-Keepass.zip file from the Click Studios web site, and extract the contents into the same folder as your exported KeePass .csv file.

7. Take note of your System Wide API key in Passwordstate, which can be found under Administration -> System Settings -> API Keys.  If you need to, you can generate a new one:

8. Open the extracted import-keepass.ps1 file in your favorite Powershell scripting tool, and modify the top 4 variables to reflect the correct information about your environment. You will need to enter your Passwordstate URL, the exact path your exported .csv file, your system wide API key, and your Template ID:

9. If you now run your Powershell script, you should notice a KeePass Import folder in Passwordstate, along with Multiple Password Lists which are named the same as all your groups and sub-groups from KeePass.  They will also contain all the relevant passwords:

10. If you like, you can create some Folders in Passwordstate and begin dragging and dropping your new Password Lists as appropriate.

If you need any help with this at all, you are welcome to contact us on support@clickstudios.com.au.

Passwordstate Build 7580 New Features

In build 7580 of Passwordstate, we've introduced a few new features, most noticeably many changes in how encryption now works. Below is a summary of the more notable changes and features. Encryption Changes In consultation with an external … [Continue reading]

Password Management – Best Way To Secure Passwords

Has there ever been a time in your life that you couldn’t for the life of you recall a password? If remembering the seemingly countless amounts of passwords correctly is a problem, then you need to make use of Passwordstate, a revolutionary password … [Continue reading]

Password Management Best Practices

There is no guarantee that one person will stay in the same job forever. Opportunities arise and employees shift from job to job all the time. When this happens in a managed service business, technicians who move to a new company will also be taking … [Continue reading]

What You Should Look Into When Choosing A Password Manager

There are many security experts who feel that simply choosing a password with alphanumeric letters and special characters is not enough to keep internet infrastructure protected. On top of that, many users choose the same password for all their … [Continue reading]

Why Role Based Access Control is Crucial to Your Organisational Security

In today’s modern workplace, most if not all important documents, information and sensitive data is kept on a computer system, readily accessed at any point in time. While this offers a convenient way to store and retrieve files, a lack of role based … [Continue reading]

What Problems Does Password Management Solve?

A password is an imperfect solution to the problem of information security. Stronger passwords can be hard for individual employees to remember, leading to them potentially reusing the same string of characters across multiple private and commercial … [Continue reading]

Is Changing Passwords Mandatory For Systems And Accounts?

Password breaches are becoming common across all types of internet infrastructure and we need better password practices to protect our online servers, databases, routers and switches. A common source of the problem revolves around improper … [Continue reading]

Passwordstate Permission Model Changes

In build 7476 of Passwordstate, we introduced a new Permission Model which customers have been requesting for a while. You can now set a top level folder to propagate it's permissions down to all nested Password Lists and Folders. The traditional … [Continue reading]