Export Passwords from KeePass for Pleasant
See why customers choose Pleasant Password Server with a KeePass client
It is possible to export a user's set of passwords, by using KeePass for Pleasant Password Client.
Creating a file export can be beneficial for analyzing data, storing data, disaster recovery, reporting and auditing, or manipulating the information in different formats.
Important: When making a copy of these secured vault passwords, ensure that the new file location is properly secured.
Have Questions? Contact Us!
There are a number of options available for exporting data from Pleasant Password Server:
Formats Available:
- CSV, KDB, KDBX, XML, customizable HTML, Transform using XSL, or as Windows Favourites (bookmarks)
- can be encrypted and password protected, or plain text, as you choose.
Methods:
- KeePass desktop app (many formats)
- Web App (CSV)
- in Web App General Settings
Web App Export
The web application has a basic export provided (CSV file). Available from:
- Web App > General > Settings
Export via API
Exporting can be handled nicely using an export script which retrieves the information from the server via the Application Programming Interface (API):
Contact Us for an example script or if you have additional questions.
KeePass Export
The KeePass export provides a comprehensive export of data. By default the export option may be disabled by default for your users. (see Enabling Export)
Export all fields - including custom fields:
The most flexible of the KeePass export options may be the KeePass XML file export or the Customizable HTML file export.
- Export All Fields (technical): Currently we could first export using XML, then convert this format to CSV.
Not included in the Export/Import files (database backups will include this data):
- Security Access
- Roles
- File Attachments
- Plugin data
KeePass Formats Available:
- CSV, KDB, KDBX, XML, customizable HTML, Transform using XSL, or as Windows Favourites (bookmarks)
- The export can be encrypted and password protected, or plain text, as you choose.
- Not included in the Export/Import files:
- Security Access
- Roles
- File Attachments
- Plugin data
KeePass Export Steps
Step 1:
- Export All Folders/Groups:
-
File > Export
-
-
Export Folder/Group only:
- Select the folder group
- Navigate to Group > Data Exchange > Export Group
- Select the export format you wish to use
- In the Options tab: select any additional options, for example "Additionally export parent groups"
Step 2: Select a Format type and a filename. Click Ok.
Step 3: Enter a custom password (versions 7.9.6 or higher)
- Previous versions (before 7.9.6 - default password): export_password
KeePass Import Steps
To import this file back into either KeePass for Pleasant Password Server or the regular KeePass (keepass.info):
- Import the file into KeePass
- When prompted, enter the password
- custom password (needed versions 7.9.6 or higher),
- or the default password (needed for previous versions): export_password
Enabling Export
By default the Export functionality is turned off for users, but can be simply re-enabled by users unless this option is restricted (see section: Restrict Password Export).
To re-enable export on the user's desktop:
- Navigate to KeePass for Pleasant > Tools > Options > Policy tab
- Check these options on:
- Export * (Allow exporting entries.)
- Export - No Key Repeat * (Do not require entering current master key before exporting.)
- * Restart KeePass
If the first option is not enabled you may see:
- KeePass: "This operation is not allowed by the application policy. Ask your administrator to allow this operation. The following policy flag is required: Export - Allow exporting entries."
If the second option is not enabled you may see the following prompt & popup:
- KeePass: "Enter Current Master Key" (window prompt)
- KeePass: "The composite key is invalid! Make sure the composite key is correct and try again." (popup)
Restricting Password Export
The ability to Export passwords / information can be restricted by administrators:
- By navigating to the KeePass options,
- Turning off KeePass Export and "Copy Whole Entries", and
- Assigning this Client Configuration file to be enforced for selected Users or Roles.
Better Alternatives than Exporting Passwords
These related methods are useful ways to manage the storage of your passwords, and are likely more secure/more convenient in many situations:
- VM Snapshots
- Database Replication
- Backup and Restore
- Scripted Automatic Backups
- Caching Passwords Offline
- Export Entries to CSV file via API
- Archive Folder
How do I change the KDBX file password?
(versions before 7.9.6)
To store your exported passwords in a KDBX file with a password different than the default password mentioned in the section above, then follow these steps:
- Open KeePass for Pleasant Password Server.
- Export your entries to a KDBX file.
- Exit KeePass for Pleasant Password Server (make sure it's completely closed)
- Open up the regular version of KeePass (download from: https://keepass.info)
- Create a new database.
- Open File -> Change Master Key, and set a new password.
- Import your passwords from the KDBX file you exported earlier.
Scheduling Automatic Exports
Exports can be scheduled in combination with a script and a task scheduler. For the purpose of Disaster Recovery this could be helpful, to save this information into another secure location.
We would first recommend using the built-in Backup & Restore. Exporting can potentially consume time or interfere with other user actions.