Import Passwords from KeePass into Passwordstate

We are updating this blog in July 2018, as we’ve now got a new process for importing KeePass data into Passwordstate.  This process was supplied to us by one of our customers called Fabian Näf from Switzerland, and we’d like to thank him for his efforts as this has made the life easier for a lot of our customers.

 

Recently, we have been getting more and more requests from new Passwordstate customers asking how to import their data from KeePass. Because of these requests, we’ve now created a Powershell script which can be used in conjunction with our API. Our goal with this is to not only import the passwords from KeePass, but to also replicate the structure of the KeePass Groups in Passwordstate.

For customers not familiar with Passwordstate, the equivalent of a “Group” in KeePass is a “Password List” in Passwordstate. We also have the concept of “Folders” which allow you to logically group Password Lists together. If you follow the process below, it should create a Folder with the same name as the XML file you export from KeePass, and it will then replicate the KeePass group structure beneath this.

We recommend doing the following prior to import:

  • Taking a backup of your Passwordstate database prior to performing this import.  You can either use the automatic backup feature within Passwordstate, or possibly use SQL Management Studio Tools instead
  • Disable all Email Templates within the Administration area prior to the import, to prevent potentially mass emailing to your users. Or you could just disable specific ones like ‘Password Added’.

Process Start:

  1. In Passwordstate, identify and note down your System Wide API key from Administration-> System Settings -> API and you will find it under “Anonymous API Settings & Key”.  Ensure you save this page after you generate the new key.
  2. Create a Password List Template under the Passwords Menu -> Password List Templates.  On this template please set the following options and then save the template:
    1. Disable the option to prevent the saving of password records if they are found to be a “Bad Password” (screenshot 1 below)
    2. Uncheck the option so the Password field is not required, and enable the URL field (screenshot 2 below)
  3. Identify and note down the TemplateID by toggling the column visibility (screenshot 3 below)
  4. In KeePass, open your database and export the contents to a XML file.  This can be executed from File -> Export -> KeePass XML (2.x)
  5. Download the script from:  https://www.clickstudios.com.au/downloads/import-keepass-xml.zip
  6. Extract this zip file and open with Powershell ISE or the straight Powershell shell, if you prefer
  7. You will be prompted to answer 6 pieces of information:
    1. The username of an existing Passwordstate user you wish to give Admin rights to all Passwords imported during this process.  Generally you would just enter your own Passwordstate UserID here as you can modify permissions later and and example format for this is halox\lsand
    2. Your Passwordstate URL
    3. Your System Wide API key
    4. The FolderID you wish to create your KeePass structure under.  Enter ‘0‘ to create this in the root of Passwords Home, otherwise find the Folder ID of any Folder you like and use this when running the script
    5. Your PasswordList Template ID
    6. It will ask you to browse to your Exported XML file

That’s it, the script will now run through and automatically read all of the information out of the XML file, and import it into Passwordstate.  From here, there are a few other things you might want to consider doing after the script has run successfully:

  1. You may want to rearrange your folder structure.  Ie possibly you might want to create some new folders for each of your teams, and then drag and drop existing Password Lists/Folders inside of them
  2. Once you are happy with your Folder structure, you should start applying permissions to either Password Lists or Folders using the following video as a guide: https://www.youtube.com/watch?v=QBJE_xD185U
  3. Best practices are to use Security Groups to apply permissions, instead of individual users, if possible

Screenshot 1:

SNAGHTML14bffe9b.png

Screenshot 2:

2018-06-21_9-41-43.png

Screenshot 3:

 

If you need any help with this at all, you are welcome to contact us on support@clickstudios.com.au.

Speak Your Mind

*