Password Manager Migration Checklist: Move Your Logins Without Losing Access

Switching password managers is a smart upgrade when you want better features, pricing, family sharing, business controls, or a cleaner experience. It can also be stressful because your password vault is the map to your digital life.

The safest migration is slow, verified, and temporary where it needs to be temporary.

If your new setup will also include passkeys, read the passkey setup guide before you remove old recovery paths.

Password manager migration checklist with vault export, import, and security verification

Before You Start

Do the migration on a trusted computer, on a private network, with enough time to finish. Avoid public Wi-Fi, shared computers, and rushed sessions.

Make sure you know:

The master password for the old vault
The master password for the new vault
Recovery options for both accounts
Where exported files will be saved
How to delete those files after the move

If your old password manager has emergency access or family sharing, review those settings before exporting.

Step 1: Create the New Vault

Set up the new password manager first. Use a long, memorable master password that you do not use anywhere else. Enable two-factor authentication if available.

Then install the browser extension and mobile app. Sign in on the devices you actually use so you can test the migration across real workflows.

Step 2: Review Export Options

Most password managers can export logins as a CSV or another vault file. Read the export warning carefully. Many exports are plain text, which means anyone with the file can read the contents.

During export:

Save the file to a temporary folder
Do not upload it to cloud storage
Do not email it to yourself
Do not leave it in Downloads
Keep the file name boring

Treat the export like a key to every account.

Step 3: Import Into the New Manager

Use the new manager's import tool and choose the old provider if listed. Provider-specific importers usually preserve fields better than generic CSV imports.

After import, check that entries include:

Website URL
Username or email
Password
Notes
Folder or collection
Two-factor code if supported
Attachments if supported

Some secure notes and file attachments may not transfer automatically.

Step 4: Verify Critical Accounts First

Do not try to check every login immediately. Start with accounts that would create real pain if locked out:

Primary email
Bank and credit cards
Phone carrier
Cloud storage
Apple, Google, or Microsoft account
Work accounts
Domain registrar
Tax or payroll accounts

Open each site from the new password manager and confirm the login works.

Step 5: Confirm Recovery Paths

Password managers protect logins, but account recovery usually depends on email, phone numbers, backup codes, or recovery contacts. During migration, verify that your most important accounts have current recovery information.

This is especially important for primary email and cloud accounts because losing those can make other account recovery harder. Update old phone numbers, remove outdated recovery addresses, and save backup codes securely.

Step 6: Update Two-Factor Authentication

Some password managers store one-time codes. Others do not. If you use built-in two-factor codes, confirm they imported correctly before removing the old app.

This is also the right moment to decide whether passkeys should live in your platform account or your password manager. Our passkey setup guide walks through the tradeoffs and backup planning.

For sensitive accounts, consider keeping backup codes in a secure note or printed offline storage. Do not store recovery codes in an unencrypted document.

Step 7: Check Shared Vaults

Family and team vaults need extra care. Shared entries may import as private entries, or they may not import at all.

Review:

Shared household logins
Work credentials
Emergency access
Partner access
Permissions for children or team members

Tell shared users when the new system is ready. Do not remove the old shared vault until everyone can access what they need.

Step 8: Clean Up Duplicates

Imports often create duplicates. Keep the newest, most complete entry and archive or delete the rest.

For each duplicate, compare:

Website URL
Username
Last modified date
Notes
Two-factor code
Shared status

Do not delete aggressively until you have logged in successfully.

Step 9: Change Weak and Reused Passwords

Migration is a good time to improve security. Use the new manager's audit tool if it has one, or manually prioritize:

Reused passwords
Short passwords
Old passwords from important accounts
Accounts without two-factor authentication
Accounts you no longer recognize

Change high-value accounts first. You do not need to fix the entire internet in one evening.

Step 10: Delete the Export File

After import and verification, delete the exported file. Empty the trash. If it was backed up automatically, remove it from backup sync if possible.

Also check:

Downloads folder
Desktop
Recent files
Cloud sync folders
Email drafts or attachments

This is the most important cleanup step.

Step 11: Keep the Old Account Temporarily

Keep the old password manager active for a short transition period. During that time, use the new manager daily and note anything missing.

When you are confident, export any remaining secure notes manually, remove payment details if stored, cancel renewal if needed, and close or downgrade the old account according to the provider's process.

Final Migration Checklist

Before you finish:

New vault works on all main devices
Critical accounts have been tested
Two-factor codes are verified
Shared users have access
Duplicates are cleaned up
Export files are deleted
Old account renewal is handled

A password manager migration should feel careful, not scary. Move slowly, verify the accounts that matter, and leave no plain-text export behind.

Frequently Asked Questions

Is it safe to export passwords from a password manager?

It can be safe if done carefully, but exported files are often unencrypted. Store them only temporarily, keep them offline if possible, and delete them securely after import and verification.

What should I check after importing passwords?

Verify important logins, two-factor codes, secure notes, shared vaults, attachments, URLs, usernames, and duplicate entries before deleting the old vault.

Should I close the old password manager immediately?

No. Keep the old account available until you have confirmed that critical logins work in the new manager and your recovery options are updated.

Password Manager Migration Checklist: Move Your Logins Without Losing Access

The safest migration is slow, verified, and temporary where it needs to be temporary.

If your new setup will also include passkeys, read the passkey setup guide before you remove old recovery paths.

Password manager migration checklist with vault export, import, and security verification

Before You Start

Do the migration on a trusted computer, on a private network, with enough time to finish. Avoid public Wi-Fi, shared computers, and rushed sessions.

Make sure you know:

The master password for the old vault
The master password for the new vault
Recovery options for both accounts
Where exported files will be saved
How to delete those files after the move

If your old password manager has emergency access or family sharing, review those settings before exporting.

Step 1: Create the New Vault

Set up the new password manager first. Use a long, memorable master password that you do not use anywhere else. Enable two-factor authentication if available.

Then install the browser extension and mobile app. Sign in on the devices you actually use so you can test the migration across real workflows.

Step 2: Review Export Options

Most password managers can export logins as a CSV or another vault file. Read the export warning carefully. Many exports are plain text, which means anyone with the file can read the contents.

During export:

Save the file to a temporary folder
Do not upload it to cloud storage
Do not email it to yourself
Do not leave it in Downloads
Keep the file name boring

Treat the export like a key to every account.

Step 3: Import Into the New Manager

Use the new manager's import tool and choose the old provider if listed. Provider-specific importers usually preserve fields better than generic CSV imports.

After import, check that entries include:

Website URL
Username or email
Password
Notes
Folder or collection
Two-factor code if supported
Attachments if supported

Some secure notes and file attachments may not transfer automatically.

Step 4: Verify Critical Accounts First

Do not try to check every login immediately. Start with accounts that would create real pain if locked out:

Primary email
Bank and credit cards
Phone carrier
Cloud storage
Apple, Google, or Microsoft account
Work accounts
Domain registrar
Tax or payroll accounts

Open each site from the new password manager and confirm the login works.

Step 5: Confirm Recovery Paths

Step 6: Update Two-Factor Authentication

Some password managers store one-time codes. Others do not. If you use built-in two-factor codes, confirm they imported correctly before removing the old app.

This is also the right moment to decide whether passkeys should live in your platform account or your password manager. Our passkey setup guide walks through the tradeoffs and backup planning.

For sensitive accounts, consider keeping backup codes in a secure note or printed offline storage. Do not store recovery codes in an unencrypted document.

Step 7: Check Shared Vaults

Family and team vaults need extra care. Shared entries may import as private entries, or they may not import at all.

Review:

Shared household logins
Work credentials
Emergency access
Partner access
Permissions for children or team members

Tell shared users when the new system is ready. Do not remove the old shared vault until everyone can access what they need.

Step 8: Clean Up Duplicates

Imports often create duplicates. Keep the newest, most complete entry and archive or delete the rest.

For each duplicate, compare:

Website URL
Username
Last modified date
Notes
Two-factor code
Shared status

Do not delete aggressively until you have logged in successfully.

Step 9: Change Weak and Reused Passwords

Migration is a good time to improve security. Use the new manager's audit tool if it has one, or manually prioritize:

Reused passwords
Short passwords
Old passwords from important accounts
Accounts without two-factor authentication
Accounts you no longer recognize

Change high-value accounts first. You do not need to fix the entire internet in one evening.

Step 10: Delete the Export File

After import and verification, delete the exported file. Empty the trash. If it was backed up automatically, remove it from backup sync if possible.

Also check:

Downloads folder
Desktop
Recent files
Cloud sync folders
Email drafts or attachments

This is the most important cleanup step.

Step 11: Keep the Old Account Temporarily

Keep the old password manager active for a short transition period. During that time, use the new manager daily and note anything missing.

Final Migration Checklist

Before you finish:

New vault works on all main devices
Critical accounts have been tested
Two-factor codes are verified
Shared users have access
Duplicates are cleaned up
Export files are deleted
Old account renewal is handled

A password manager migration should feel careful, not scary. Move slowly, verify the accounts that matter, and leave no plain-text export behind.

Frequently Asked Questions

Is it safe to export passwords from a password manager?

It can be safe if done carefully, but exported files are often unencrypted. Store them only temporarily, keep them offline if possible, and delete them securely after import and verification.

What should I check after importing passwords?

Verify important logins, two-factor codes, secure notes, shared vaults, attachments, URLs, usernames, and duplicate entries before deleting the old vault.

Should I close the old password manager immediately?

No. Keep the old account available until you have confirmed that critical logins work in the new manager and your recovery options are updated.

Password Manager Migration Checklist: Move Your Logins Without Losing Access

Password Manager Migration Checklist: Move Your Logins Without Losing Access

Before You Start

Step 1: Create the New Vault

Step 2: Review Export Options

Step 3: Import Into the New Manager

Step 4: Verify Critical Accounts First

Step 5: Confirm Recovery Paths

Step 6: Update Two-Factor Authentication

Step 7: Check Shared Vaults

Step 8: Clean Up Duplicates

Step 9: Change Weak and Reused Passwords

Step 10: Delete the Export File

Step 11: Keep the Old Account Temporarily

Final Migration Checklist

Frequently Asked Questions

Stay ahead of the curve

Password Manager Migration Checklist: Move Your Logins Without Losing Access

Password Manager Migration Checklist: Move Your Logins Without Losing Access

Before You Start

Step 1: Create the New Vault

Step 2: Review Export Options

Step 3: Import Into the New Manager

Step 4: Verify Critical Accounts First

Step 5: Confirm Recovery Paths

Step 6: Update Two-Factor Authentication

Step 7: Check Shared Vaults

Step 8: Clean Up Duplicates

Step 9: Change Weak and Reused Passwords

Step 10: Delete the Export File

Step 11: Keep the Old Account Temporarily

Final Migration Checklist

Frequently Asked Questions

Stay ahead of the curve