How to Move Passwords from LastPass to Bitwarden in 2026
If you are switching password managers, knowing how to move passwords from LastPass to Bitwarden can save time and reduce risk.
This guide walks through export, import, cleanup, and security checks so your vault migration is smooth and complete.
Why people migrate from LastPass to Bitwarden
Bitwarden and LastPass both store passwords, secure notes, payment cards, and identity data, but many users choose Bitwarden for its open-source model, transparent security approach, and flexible deployment options.
Bitwarden also offers support across Windows, macOS, Linux, iOS, Android, and major browsers, making it a practical alternative for individuals, families, and organizations.
Before migrating, it helps to understand what you are moving: login credentials, secure notes, usernames, URLs, TOTP seeds if supported, and some browser-imported data.
Not every field transfers perfectly, so a careful review matters more than the import button alone.
What to prepare before you start
Prepare both accounts and make sure you can access them from a trusted device.
The safest approach is to complete the export and import on a private computer, then verify the results before deleting anything from LastPass.
- LastPass account access and master password
- Bitwarden account access and master password
- A current browser and updated desktop apps if available
- Temporary local storage space for the exported file
- Enough time to review entries after import
For security, use a private network if possible, close unnecessary browser tabs, and avoid leaving the exported file on disk longer than needed.
Password export files are sensitive plain-text or semi-structured data until they are imported and deleted.
How to export passwords from LastPass
To move data out of LastPass, use the built-in export function from the web vault or extension.
The exact menu labels can vary slightly by interface version, but the workflow is generally straightforward.
Export from the LastPass vault
- Sign in to your LastPass account.
- Open the vault and look for an export option in advanced or account settings.
- Choose to export as a CSV file.
- Authenticate again if prompted.
- Save the file to a secure local folder.
LastPass CSV exports usually include fields such as name, URL, username, password, and notes.
Some items may also contain folders or extra metadata depending on how the vault was structured.
Important export cautions
- Do not email the export file to yourself.
- Do not upload it to cloud storage unless you encrypt it first.
- Delete the file after successful import and verification.
- Check whether the export includes shared items, secure notes, or attachments that may need separate handling.
If your LastPass account contains shared vault items or business data, confirm whether those items are managed through a team plan or organizational structure.
Admin-managed entries may require a separate export process or permission from the organization owner.
How to import LastPass data into Bitwarden
Bitwarden supports importing from many password managers, including LastPass.
You can import from the web vault, desktop app, or browser extension depending on your setup, but the web vault is often the easiest starting point.
Import into the Bitwarden web vault
- Sign in to your Bitwarden account.
- Open Tools or Settings, then locate the Import Data option.
- Select LastPass as the import format.
- Upload the CSV file exported from LastPass.
- Confirm the import and wait for processing to finish.
After import, Bitwarden typically creates items in your vault with the same basic structure: name, URI, username, password, and notes.
If folder structure is preserved, review whether organization labels match your workflow.
Import formats and field mapping
Bitwarden maps common LastPass fields automatically, but some special items may need manual cleanup.
Examples include custom fields, secure notes, autofill edge cases, and entries with unusual characters in the URL or username fields.
Imported records should be reviewed for duplicates and missing data, especially for accounts with 2FA or custom login pages.
How to verify the migration
Verification is the most important part of the process.
A successful import does not always mean every credential is immediately usable, so test critical entries one by one.
- Open several imported logins and confirm usernames and passwords are present.
- Test login on a few high-value sites such as email, banking, and cloud storage.
- Check secure notes for completeness and formatting.
- Review saved card data and identity entries if you imported them.
- Look for duplicates, blank passwords, and old accounts you no longer need.
Pay special attention to websites with multiple sign-in methods, such as SSO, passkeys, or authenticator-based login.
Some entries may need the login URL updated or a custom field added to preserve smooth autofill behavior.
What to do with two-factor authentication data
LastPass and Bitwarden both support secure storage, but handling two-factor authentication requires extra care.
If you used LastPass Authenticator or stored TOTP codes in LastPass notes, verify whether those seeds came over during export.
In many cases, authenticator secrets must be re-added manually.
For sensitive accounts, confirm the following after migration:
- Backup codes are stored somewhere separate and safe
- TOTP entries are functioning in Bitwarden if supported
- Recovery email and phone details are current
- Passkeys, if used, are registered on the new device set
For organizations following NIST-style security practices, this is also a good moment to review MFA strength and remove outdated recovery methods.
How to organize and clean up the Bitwarden vault
Once your passwords are imported, use Bitwarden’s organization tools to make the vault easier to navigate.
Clean structure reduces future maintenance and helps prevent entry sprawl.
- Create folders or collections for work, personal, financial, and shared items.
- Rename unclear entries so site names are recognizable.
- Remove abandoned or duplicate credentials.
- Add custom fields for account IDs, PIN hints, or internal references where appropriate.
- Turn on password generator tools for future changes.
Many users also take the opportunity to change weak or repeated passwords after migration.
Bitwarden’s password health tools and duplicate-password checks can help identify which logins should be updated first.
Security steps after the move
After you finish the import, secure the migration trail.
Delete the LastPass export file from downloads, trash, and backups if possible, then clear any clipboard data that may contain passwords.
If you used a shared computer, sign out of both services and remove local browser profiles that stored sensitive session data.
You should also review access settings on both accounts.
Disable or remove any devices, browser extensions, or sessions that are no longer needed.
If you are retiring LastPass completely, confirm subscription cancellation and account closure steps according to your plan type.
Common migration problems and fixes
Why did some passwords not import correctly?
CSV files can break when entries contain commas, line breaks, or special characters.
If a few records look incorrect, open the export in a spreadsheet editor only if necessary and compare the fields carefully before re-importing.
Why are some logins duplicated?
Duplicates often appear when the same account existed in multiple folders or when browser-saved entries overlapped with vault records.
Remove duplicates manually and keep the most complete version of each login.
Why do some sites not autofill?
Autofill depends on the correct website URL and login form matching.
Edit the URI field, verify the domain, and test with the browser extension enabled.
Some complex sites require a second URI or a custom URI match type.
When to consider a fresh vault instead of a full import
In some cases, a straight import is not the best long-term option.
If your LastPass vault contains years of outdated data, broken notes, or many duplicate entries, creating a smaller, curated Bitwarden vault may be safer.
This approach takes longer initially but can improve security and usability for future password management.
For teams, businesses, and families, it is often worth documenting which entries are essential, who owns each account, and where shared access belongs before finalizing the migration.
That process helps ensure the new vault is not only transferred, but also better structured than the old one.