The Complete Guide to Password Manager Migration

The LastPass breach of 2022 triggered one of the largest waves of password manager migrations in the industry's history. Then LastPass had another incident in 2023. And another in 2024. By now, the question for most LastPass users is not whether to migrate but when and where.

But migration anxiety is real. Your password vault contains credentials for hundreds of accounts. The fear of losing access to something critical, or of the migration going wrong, keeps people in tools they no longer trust.

This guide is specific and practical. It tells you exactly what to do, in what order, and where the real risks are versus the imagined ones.

Before You Start: Pick Your Destination

The major password managers in 2026 and who they are for:

1Password: The best overall option for most people. Polished apps on every platform, excellent family and team features, Travel Mode (hides specified vaults when crossing borders), and a clean security record. At $3/month individual or $5/month family, it is not free but it is worth it.

Bitwarden: The open-source option. Fully audited code, self-hosting option, and a genuinely free tier with no meaningful limitations for individual use. The UI is less polished than 1Password but functionally complete. My recommendation for anyone who prioritizes open-source transparency or has a tight budget.

Dashlane: Strong product with a good dark web monitoring feature. More expensive than alternatives at similar capability levels. Hard to strongly recommend over 1Password or Bitwarden.

NordPass: Newer entrant from the NordVPN company. Solid product but less mature ecosystem than 1Password or Bitwarden. Fine if you are already in the Nord ecosystem.

Step 1: Export From Your Current Manager

Every password manager can export your vault to a CSV or JSON file. Do this before anything else.

LastPass export: Account Settings > Advanced > Export > LastPass CSV File

This downloads a CSV with all your passwords. Important: this file is unencrypted plain text. Handle it with care - do not email it, do not upload it to cloud storage, and delete it securely when the migration is complete.

For 1Password export: File > Export > All Items For Bitwarden export: Tools > Export Vault

Step 2: Import Into Your New Manager

Most password managers can import directly from LastPass CSV format. 1Password imports via the desktop app: File > Import. Bitwarden via the web vault: Tools > Import Data.

Run the import on a desktop with a stable internet connection. Most vaults import in under 5 minutes. Very large vaults (1,000+ items) may take longer.

After import, spot-check 10-15 items manually - verify that passwords, usernames, and URLs transferred correctly. Check any entries you know have unusual characters in passwords, as encoding issues sometimes occur.

Step 3: Verify Critical Accounts

Before doing anything else, verify that your most important accounts are accessible through the new manager:

• Email (especially your recovery email)
• Banking and financial accounts
• Work accounts (especially SSO/email that other accounts depend on)
• Your primary social accounts

Log out and log back in to each of these using your new password manager. Do this before you uninstall the old one.

Step 4: Handle Two-Factor Authentication (2FA) Seeds

This is the step most migration guides skip. If you have TOTP 2FA codes stored in your password manager (the 6-digit time codes), they may or may not transfer with the vault export.

Check your new manager carefully - look at each account that should have 2FA and verify that the TOTP code is present and generating correct codes. For any account where 2FA did not transfer, you will need to:

1. Log in using your backup codes
2. Disable 2FA
3. Re-enable 2FA and scan the new QR code with your new manager

This is tedious for accounts with many 2FA-protected logins. I recommend prioritizing financial and email accounts, then working through the rest at a pace of 5-10 per day.

Step 5: Update Browser Extensions

Install your new manager's browser extension and disable or uninstall the old one. Most browsers will prompt to use a password manager - make sure it is pointing to the new one, not the old.

Test autofill on a few sites before assuming everything works. Autofill behavior varies by browser and site.

Step 6: Install on All Devices

Install the new manager on every device before you deactivate the old one:

• All phones and tablets
• Work and personal computers
• Any shared/family devices

The mobile apps for 1Password and Bitwarden both have good biometric authentication (FaceID, fingerprint) that makes daily use smooth.

Step 7: Securely Delete the Export File

The CSV export file you created in Step 1 is a cleartext copy of every password you own. Delete it using secure deletion (Secure Empty Trash on Mac, or a file shredder tool on Windows). Do not just drag it to the normal trash.

After the Migration: A Health Check

Over the next two weeks:

• Change the passwords for your 10 highest-value accounts to new, manager-generated passwords
• Check whether your new manager flags any reused passwords and start changing them systematically
• Set up emergency access (1Password and Bitwarden both support this) for a trusted person in case you are incapacitated

For a comparison of all major password managers, see best password managers.