Security concern, common to all 'export/import' processes when changing password managers.

I am looking to transfer my current vault contents to 1Password (I am already invested as a new 1Password subscriber). This is not the first time that I have made the transition from one mgr to another. What's different, is that I am much more hesitant than I realized I woud be this time around, to pull the trigger on doing the actual data transfer. I've read too much over the years. Data 'leakage' or 'capture' is possible in numbers of ways, and with a very long (indefinite?) life span.

Obviously, everyone makes his/her own choice.

Anyone else in these parts ever think/thought about this?

All other things aside (keeping apps, OS, browsers, etc., up-to-date), do you think exporting via downloaded CSV file is any more/less secure than browser tab HTML copy/paste contents?

Thank you.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • @suffice I know where you're coming from. I thought about it a lot before moving from LastPass.

    I think it depends on the browser, what websites it has visited, what extensions are installed, what software is installed on the laptop/desktop, the provenance of that software, etc. So use a machine you have control of and intend to keep control of. As you say, make sure all the software is up to date. I would also use a virus scanner to perform a complete system scan.

    I prefer the CSV approach as I can simultaneously make an encrypted backup. Only save the file to a Solid State Drive if it is encrypted as its not possible to truly delete a file saved to an SSD due to wear evening software. Preferably use a spinning hard disk either in your desktop or plugged in externally. Once you've imported the CSV, delete the file using file shredding software.

  • I would export to a CSV file on a RAM disk and import from there. Then reboot the machine.

    (Of course, the OS, security software, browser, etc. still should all be up-to-date)

  • @XIII I was thinking "wouldn't it be great if there was such a think as a RAM disk". I'd never heard of one until now.

  • @missingbits Great comment! The more things change, ...

  • Thanks to all for your comments. You prompted me to do a bit more research.

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file