Would you open up your most guarded safe, let the world have a quick glance at the precious items within and then move it to another safe that seems more secure than the old one? This upgrade may bring additional benefits, but there is just one serious hiccup in the process: the most precious items are uncovered and available to anyone that has knowledge of the transition phase taking place. That's what happens when you move password data from one password manager to another. And if a third party is involved, the security risks are even higher.
Every high-quality password manager has security built into its core, but these safeguards lack flexibility when it comes to letting customers go. Obviously, like any other service, password managers would like to retain every customer, but some users may find the competition's offer more attractive.
That's when the time comes to crack open that safe that has been carefully protected and where the security risks appear. By exporting all the sensitive data you have protected so far into plain text (as an example), the data becomes vulnerable to anyone that might be watching.
Exporting Password Data From 1Password
One of the best password managers available is 1Password, but since the Canadian company AgileBits behind the service has moved its pricing model from per-device licenses to subscriptions to allow your data to be stored in the cloud and seamlessly synced across all devices, some security experts have withdrawn their support for 1Password. This has prompted some users to remain attached to their 1Password app licenses, while others simply searched for alternatives, such as LastPass, Dashlane, KeePass, or others.
To eliminate the hassle of starting a new database from scratch these users have had to move their existing data to the new password manager service of their choice. To do that they will need to uncover their highly protected credentials and password data by exporting to a format that is supported by competitors to allow the importing of the data.
1Password supports three file types when exporting password data: its own native .1PIF, (1Password Interchange Format), .CSV (Comma Delimited Text), and .TXT (Tab Delimited Text) formats. For import, 1Password can read its own format naturally, as well as data from LastPass, SplashID, or CSV format.
The problem with exporting 1Password data is that exported data files are not encrypted – they are stored in plain text. Anyone with access to your exported data files will be able to read your passwords without any effort. Do not email exported data files or store them online for this reason. This is why it is highly recommended that you delete (or securely delete, if you are using a Mac with HDD and have a Mac optimization tool to hand) the files as soon as you are done with the import.
Besides keeping all your passwords as a text file, another security risk arises when using a third party converter such as that recommended by 1Password for converting password data to 1PIF format. The converter may look safe, but it's still not an AgileBits native program; it was developed by a third party.
That's something you'd want to approach with care, as there is no guarantee that this middle man won't keep a copy of your data. You don't have to look too far back in time to read about security hacks. The problem is that hackers find easy targets super fast, and it's enough to catch you off guard only once and the next thing you'll notice is huge credit card charges for stuff you didn't buy.
It’s important to safeguard the data by encrypting it using macOS’s FileVault or an equivalent solution for PC. But doing this requires SSD, otherwise it affects the overall user experience.
While keeping in mind all of the above, we can only recommend spending extra time on selecting the best password manager to fit your needs. And go through the password manager's applied security and the encryption methods used to keep the data safe on a third party server. Oh, and don't forget to check the import options and think twice if it requires a third party to convert your sensitive data into a supported format. Most password managers, however, support the .CSV file format, which eliminates the need for a third party converter but still leaves the data unencrypted while in transit – so be sure your Mac is free of risky software with the help of Malwarebytes, a reliable third party software.
Best Password Managers of 2019
|Editor's Choice 2019|