Converter for Password Boss JSON [Solved: Converter available]

drwadmin
drwadmin
Community Member
edited November 2020 in Mac

Has anyone been able to successfully convert the JSON for Password Boss. I tried some options but was unsuccessful. @MrC


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Windows 10
Sync Type: Not Provided

Comments

  • MrC
    MrC
    Volunteer Moderator
    edited November 2020

    Hi @drwadmin ,

    I have never looked at Password Boss or it's JSON output. I can take a look at it if that would be helpful. Your export would need to be in the unencrypted format.

    Edit: The converter suite as of 2020-11-21 now includes this converter.

  • drwadmin
    drwadmin
    Community Member

    They do offer an unencrypted json export option. Thanks.

  • MrC
    MrC
    Volunteer Moderator

    @drwadmin ,

    I've taken a cursory look at the export using some sample data I created. I can make a converter for this.

    Since there are a fair number of combinations of item types, I'd like to first create the converter table entries required based on data you actually have. To collect this Type / Sub-type information:

    1. Export your data file to your Desktop, using the default name of PasswordBossExport.json (this location / name is used by step 3 below).
    2. Open the Terminal app (its under Applications/Utilities, or you can use Spotlight to find it for you).
    3. Copy / paste the following command for me (use Copy / Paste, don't enter it manually since the spaces I've included are important). It should be a single long line:

    pr -mt <(grep secure_item_type_name ~/Desktop/PasswordBossExport.json) <(grep '^ "type" : ' ~/Desktop/PasswordBossExport.json) | sort -u

    1. Provide me with the output. It should not contain any sensitive data - if it does, don't copy/paste it here). It should look like this:
      "secure_item_type_name" : "DW     "type" : "Bank",
      "secure_item_type_name" : "PI     "type" : "Address",
      "secure_item_type_name" : "PI     "type" : "Company",
      "secure_item_type_name" : "PI     "type" : "Email"
      "secure_item_type_name" : "PI     "type" : "Names",
      "secure_item_type_name" : "PI     "type" : "PhoneNumber",
      "secure_item_type_name" : "PV     "type" : "Application",
      "secure_item_type_name" : "PV     "type" : "Website",
      "secure_item_type_name" : "SN     "type" : "DriverLicense",
    

    With this, I can start work on the converter, and we can adjust it to meet your needs as we go.

  • drwadmin
    drwadmin
    Community Member

    I have a Windows machine. I added Strawberry Perl per the readme instructions and tried the command above but that didn't seem to work. It kept saying "The system cannot find the file specified". I tried moving the json file into the mrc-converter-suite and removing the ~/Desktop/ to see if then it could find it. Same result. Checked the file name and it is PasswordBossExport.json.

  • MrC
    MrC
    Volunteer Moderator

    I'm sorry, @drwadmin , since you were in the Mac forum, I assumed you were on a Mac. Yet somehow by your user name, I had a suspicion you were on Windows!

    I'll start the converter and add an option to output the data I need. I should have this for you sometime later today.

  • MrC
    MrC
    Volunteer Moderator
    edited November 2020

    @drwadmin ,

    I've created the initial base of the Password Boss converter, which will provide the info I need to continue most efficiently for you. In the Custom folder of my converter suite, there is a Passwordboss.pm file.

    1. Download and move the Passwordboss.pm file to the Converters folder inside your mrc-converter-suite folder (which I assume is on your Desktop).
    2. Open a Windows command shell.
    3. Change directories to the mrc-converter-suite folder:

    cd %USERPROFILE%\Desktop\mrc-converter-suite

    1. Run the command:

    perl convert.pl passwordboss --dumpcats ..\PasswordBossExport.json

    1. Copy that output and share it here. It will look something like:

    DW::Bank (1)
    PI::Address (1)
    PI::Company (1)
    PI::Email (1)
    PI::Names (1)
    PI::PhoneNumber (1)
    PV::Application (1)
    PV::Website (2)
    SN::DriverLicense (1)

    This will give me a listing and count of the types/subtypes you currently have, so I can build the converter tables.

  • drwadmin
    drwadmin
    Community Member

    DW::CreditCard (1)
    PI::Address (1)
    PI::Company (1)
    PI::Email (2)
    PI::Names (2)
    PI::PhoneNumber (1)
    PV::Application (8)
    PV::EmailAccount (6)
    PV::Server (7)
    PV::Website (174)
    PV::WiFi (8)
    SN::GenericNote (1)

  • MrC
    MrC
    Volunteer Moderator
    edited November 2020

    @drwadmin ,

    Excellent. I'm working on the converter now. I have a few questions:

    1. There are two URL's in a Website: the url inside the identifiers section of an entry, and the login_url outside. These seem to be the same in my tests, and I don't understand how one is generated since the GUI only allows one URL entry. I can place both URL's in the list, but I'd like to know the order you prefer them in, if they are ever different. Any comment here would be helpful.
    2. Do you care about the Color value? It is exported as an RGB value such as #c239b3, and currently I'm just adding it as a 1Password tag value.
    3. 1Password does not have a "subtitle" field, and Password Boss has this value. It seems to be used as an additional identifier for names of Website entries (and appears to come from the username field). I can append this at the end of the 1Password entry's Title, or I can add it as a custom field, or it can go to the Notes area. What's your preference here?
    4. Password Boss has a "App" entry, which is more like a 1Password Login sans a URL. 1Password has a Software License category, but this doesn't feel like a good match. I'm thinking the target category be a 1Password Login (or a Secure Note). Your thoughts?

    I'll likely have some more follow-up questions.

  • MrC
    MrC
    Volunteer Moderator
    edited November 2020

    @drwadmin ,

    I've posted an update to the converter I placed in the Custom folder mentioned above. Please update your earlier version and give it a try.

    Of your list, I've implemented the following:

    PV::Application (8)
    PV::EmailAccount (6)
    PV::Website (174)
    PV::Server (7)
    PV::WiFi (8)
    DW::CreditCard (1)
    PI::Names (2)
    SN::GenericNote (1)

    and also SN::DriverLicense. The remaining items from your list will go to Secure Notes

    PI::Address (1)
    PI::Company (1)
    PI::Email (2)
    PI::PhoneNumber (1)

    Unfortunately I cannot associate these with the Identity entry I created from the PI::Names category, since there is no linkage information. Creating multiple Identify records seems wrong. So, post-import, you can update your Identity records with the correct information from these.

    To run the converter, re-run the cd and conversion commands you ran above, without the --dumpcats option this time. You can add the -v option if you'd like verbose output showing you category import/export counts:

    $ perl convert.pl passwordboss -v ..\PasswordBossExport.json
    Imported 15 items
    Exported 1 identity item
    Exported 1 email item
    Exported 1 server item
    Exported 7 note items
    Exported 1 creditcard item
    Exported 3 login items
    Exported 1 wireless item
    Exported 15 total items
    You may now import the file C:\Users\cappella\Desktop\1P_import.1pif into 1Password
    

    Import the mentioned file into 1Password, and examine the records to see how they look.

  • drwadmin
    drwadmin
    Community Member

    I did test it this morning and was able to successfully import. On your previous reply and looking at the import.
    1. I don't think we need both URLs, the one that is the first field in a password record is fine.
    2. That color gets auto generated so it doesn't need to be included.
    3. Looking at what came over with the subtitle notes, it is just the username, we don't need that.
    4. I think the app record should just be a login entry.

    Some other notes on the import:
    • In some cases we do have multiple identities as part of their auto-fill options on web forms. If having two identities in 1password isn't really allowed I guess we can just make it a note and delete it later. Like I have one for being an admin and one that is just my own work profile depending on the type of form I need to fill out. When I looked at the identities that came over, they were missing a several fields from the original entry in PWB like address, phone, and company. I also see lots of notes that got added including pieces of the identity I am guessing, which if we can’t get those into the identity entry, are necessary. We can just delete those unless they can be removed from the code.
    • Looking at the fields that come over in the notes section, I would say none of them are useful and just clutter up the record. There are just generated in PWB and not useful unless you are using PWB (subtitle, remote_connection, windows_application, password_age, password_visible_recipient, ignoreItemInSecurityScore). Can you remove those, otherwise I can probably figure out how to pull them out of the code. I did check a couple of entries that we had notes on and those did come over.
    • Is it possible to override the Created and last modified in 1password with the same fields in PWB?
    • All the passwords that were shared to me came over as a private password entry. Is it possible to exclude those as we would want those to be reshared by person who shared it? Wasn’t sure if you saw something that designates it as such.

    Again thank you for all your work on this. I understand if any of the questions above would add significant amount of work. At least I was able to import which is a step in the right direction. I work for a nonprofit org and we have to import for multiple staff.

  • MrC
    MrC
    Volunteer Moderator
    edited November 2020

    Hi @drwadmin ,

    Good feedback, thanks.

    1. I don't think we need both URLs, the one that is the first field in a password record is fine.

    I'll compare the URLs - if they are different, I'll keep both; otherwise I'll ditch the dup.

    1. That color gets auto generated so it doesn't need to be included.

    It's customizable, so thought you or others might want the option. Some folks use colors like tags. My general policy is to retain all information available.

    1. Looking at what came over with the subtitle notes, it is just the username, we don't need that.

    That's what I was thinking. I'll compare, and eliminate a dup. But subtitle seems to be the appropriate identifier, from the specific PWB entry that supplements the title, making them uniquely identifiable (e.g. for Joe's two phone records, Joe's Phone: 555-1222, and Joe's Phone: 555-1313. Likewise for credit card numbers, etc.). Anyway, I can include commented out entries that append this subtitle, or maybe introduce an option such as --appendsubtitle.

    Some other notes on the import:
    • In some cases we do have multiple identities as part of their auto-fill options on web forms. If having two identities in 1password isn't really allowed I guess we can just make it a note and delete it later. Like I have one for being an admin and one that is just my own work profile depending on the type of form I need to fill out. When I looked at the identities that came over, they were missing a several fields from the original entry in PWB like address, phone, and company. I also see lots of notes that got added including pieces of the identity I am guessing, which if we can’t get those into the identity entry, are necessary. We can just delete those unless they can be removed from the code.

    You can have any number of 1Password Identities. And the converter creates them based on the PI::Names entries. You have two, so should have two Identity records.

    What I cannot do, is connected your other PI items such as address, phone, and company to those Identity records, because there is nothing in the export that link's them to each other. In the export, they are just arbitrary, disconnected entries. You have two email address entries - how could I know if one or both or neither should be associated what one or both of your name entries? So you will need to copy / paste the appropriate field values from those items (stored as Secure Notes), and place the data into the the correct Identity record created for you.

    • Looking at the fields that come over in the notes section, I would say none of them are useful and just clutter up the record. There are just generated in PWB and not useful unless you are using PWB (subtitle, remote_connection, windows_application, password_age, password_visible_recipient, ignoreItemInSecurityScore). Can you remove those, otherwise I can probably figure out how to pull them out of the code. I did check a couple of entries that we had notes on and those did come over.

    Of all the fields you listed above, some are on Windows exports only, and some I do not see in either. Here's what I see...

    Windows / Mac:

    subtitle

    Windows only:

    ignoreItemInSecurityScore
    password_age

    I don't see the following in my Mac or Win PWB export:

    remote_connection
    windows_application
    password_visible_recipient

    How were they generated, or more importantly, how can I generate them (so that I may add filters to the code)?

    • Is it possible to override the Created and last modified in 1password with the same fields in PWB?

    I don't see either of these dates in my export. Where are these coming from, and how did you get them generated?

    • All the passwords that were shared to me came over as a private password entry. Is it possible to exclude those as we would want those to be reshared by person who shared it? Wasn’t sure if you saw something that designates it as such.

    How would I know they were "shared". What specifically and unambiguously in the export can tell us that?

    Again thank you for all your work on this. I understand if any of the questions above would add significant amount of work. At least I was able to import which is a step in the right direction. I work for a nonprofit org and we have to import for multiple staff.

    You're welcome. Happy to help!

  • MrC
    MrC
    Volunteer Moderator

    @drwadmin ,

    I've posted an update to the converter with a mechanism to ignore fields at the top level, or within the "identifiers" section:

    # The following top-level field names will be ignored.
    #
    my @ignoredFields = qw(
        color
    );
    
    # The following field names will be ignored in an item's "identifiers" section.
    #
    my @ignoredIdentifiers = qw(
        ignoreItemInSecurityScore
        password_age
    );
    

    You can remove field name keys that you want the converter to preserve, or add field name keys to have them omitted. There are some limitations here, but that's beyond the scope of the discussion here.

  • MrC
    MrC
    Volunteer Moderator

    I've posted another update, which includes:

    1. removes the login_url when it is the same as url
    2. adds an ----appendsubtitle option, as per discussion above. See screenshot showing entries with and without this option enabled.

  • drwadmin
    drwadmin
    Community Member

    I had to do some digging to find what remote_connection, Windows_application, and password_visible_receipient show up, as it is not in every record.
    Remote_connection- can’t seem to find any where this field is located. I looked through all the records to see in the import if it brought in a value to get me a clue. I look at all the different types of records, don’t see anything.
    Windows application appears I believe if you use Password boss to log into windows apps. I could only find it on one of my records that I must have tested this on. You have to go to the settings in PWB go to Advanced tab and turn on the Login to Windows app setting and then add an app.

    Password_visible_recipient – my guess by the name that this has to do with sharing passwords. When you share a password you get an option to Read only / Password visible (default), Read Only / Not visible, or editor. Not all my records have this field in notes. However some that are not shared currently have it set to 1, and some that are shared also have it set to 1. I could find at least one shared password that didn’t have it, so I can’t be for certain that it used for that.

    Every password record has a created and last modified date that is auto generated. When I open any record I can see them in the top right corner.

    As for shares I would just assume they would have some field designated them as a share versus a personal entry. However maybe that is not the case. We could simply undo all the shares before generating the JSON file as an alternative. Some may want to pull those shares in so, it would just be unique to our situation.

  • MrC
    MrC
    Volunteer Moderator

    Hi @drwadmin ,

    I can add those fields to the two "ignore" lists I added to the most recent update. You can probably figure out how that's done too, by the code I showed above.

    The created and modified time stamps are not present in my export records:

    so if Password Boss is not exporting these values, there's nothing I can do convert them! :-)

    Regarding "shares", again, if there is nothing in the JSON export file that can be used to indicate a record is shared, there's nothing I can do. So you'd need to figure out how to isolate your exports to include only the records you want converted.

  • MrC
    MrC
    Volunteer Moderator

    @drwadmin

    I've been able to find password_visible_recipient in the export now, but wasted enough time trying to find these:

    remote_connection
    windows_application

    Can you tell which section of the JSON item these are located in (e.g. the top level, or inside the "identifiers" section) ?

  • drwadmin
    drwadmin
    Community Member

    sorry didn't think to actually look at the JSON file. It is within the items section.

  • MrC
    MrC
    Volunteer Moderator

    No worries @drwadmin , I've added those fields to the converter which will be packaged as part of the converter suite once I add a few more of the default Password Boss categories.

    Are you good good to go now?

  • drwadmin
    drwadmin
    Community Member

    Yes and thank you again!

  • On behalf of MrC you're very welcome. Glad to hear he was able to work something out for you here. Thanks so much as always for your assistance MrC!

    Ben

This discussion has been closed.