Notes on Plain Text Export & Import

Warning: The Export of sensitive information from a Password Safe database to a text file has serious security consequences. This operation will create an unprotected copy of the passwords in the database. Deleting this copy after use is not sufficient and other actions should be taken to properly erase the data (e.g. third party 'shredding' utilities). The export of sensitive data effectively bypasses the security of the Password Safe program.

Note: The Export and Import to/from text files feature has been changed in V3.06. This page describes the current format.

Exported text will:

Begin with a Title Row as the first record in the text file
Use a delimiter to replace the 'newline' character in a multi-line Notes field and the period ('.') if present in the Title field. The default is '»' [Alt+0187], which may be overridden if needed.

Imported text is assumed to have:

A Title Row as the first record in the text file.
A delimiter to reinstate the 'newline' character in a multi-line Notes field and the period ('.'), if present, in the Title field. The default is '»' [Alt+0187], which may be overridden if needed.>

The Title Row for full data export currently contains the following fields by default, separated by a tab.

Group/Title
Username
Password
URL
AutoType
Created Time
Password Modified Time
Last Access Time
Password Expiry Date
Password Expiry Interval
Record Modified Time
Password Policy
History
Run Command
DCA
e-mail
Protected Status
Symbol list for password generation
Notes

When exporting data, you may use the 'Advanced' feature to exclude any number of these fields from the Title Row and records. The Advanced option also allows you to specify a subset of the entries to export, as shown below.

Advanced Text Export dialog box

During Import, the supplied Title Row must include 'column headings' that match exactly one of the above. If any 'column heading' is repeated, only the data in the last one will be added to the entries during import. If a 'column heading' does not match one of the above, the data in that column will be ignored during import. The fields must be separated with the field separator specified for the data in the Import Text dialog box.

Notes:

To import any data into Password Safe, the Title and Password fields must be present and neither blank nor empty, as it would be if adding a new entry to an existing database.

There is no restriction on the order of the 'column headings'. Password Safe will use the supplied Title Row to correctly add the specified data to the right field.

Data Formats

Column Heading/Field	Comments
Column Heading/Field	If present, groups are separated by periods ('.'). The Title field cannot be blank, empty or contain the delimiter character.
Username
Password	Cannot be blank or empty.
URL
AutoType
Created Time	See note ¹ below
Password Modified Time	See note ¹ below
Last Access Time	See note ¹ below
Password Expiry Date	See note ¹ below
Password Expiry Interval	See note ¹ below
Record Modified Time	See note ¹ below
Password Policy	See note ³ below
History	See note ² below
Run command
DCA	= 'Double Click Action'. See note ⁴ below
Shift+DCA	= 'Double Click Action'. See note ⁴ below
e-mail
Protect
Symbols
Notes	The Notes field should be enclosed by double quotes ("like this"). The Notes field should not contain the delimiter character since on import it will be translated to a newline.

Notes: ¹

Time fields can be one of the following 7 formats:

1.	yyyy/MM/dd hh:mm:ss	e.g., 2007/01/26 19:31:25
2.	ddd MMM dd hh:mm:ss yyyy	e.g., Fri Jan 26 19:31:25 2007
3.	yyyy-MM-ddThh:mm:ss	e.g., 2007-01-26T19:31:25
4.	yyyy-MM-ddThh:mm:ssZ (XML only)	e.g., 2007-01-26T19:31:25Z
5.	yyyy-MM-ddThh:mm:ss±hh:mm (XML only)	e.g., 2007-01-26T19:31:25+01:00
6.	0	Leave the field unset
7.	now	Use the time of the import operation

where:

yyyy	The year in full. Value is between 1970 and 2038.
MM	The month; e.g. 01 = January, 02 = February etc.
dd	The day of the month
MMM	The short form of the month; e.g. Jan = January, Feb = February etc.
ddd	The short form of the day of the week; e.g. Mon = Monday, Tue = Tuesday, etc.
hh	The hour using a 24-hour clock.
mm	The minutes
ss	The seconds

Note: Format '2' is the output from the ANSI C function 'asctime' and format '3' conforms to the ISO 8601 standard.

Notes: ²

Password history is represented in the exported entry record as a text field comprising a header followed by the required number of entries of old passwords:

Password History Header:

1 hexadecimal digit - status for saving PWH for this entry (0 = no; 1 = yes)
2 hexadecimal digits - maximum number of entries in this entry
2 hexadecimal digits - number of entries currently saved

Each Password History Entry:

8 hexadecimal digits - time oldpassword was set
4 hexadecimal digits - length of old password
character string - old password>

Notes: ³

The Password Policy is represented in the exported entry record as a text field 'ffffnnnllluuudddsss' in hexadecimal format, e.g. 'F000010004002005003'. 6 hexadecimal values are contained in this format. The first value has 4 digits, all other 3.

'ffffnnnllluuudddsss' means in detail:

ffff : 4 hexadecimal digits representing the following flags
- 0x8000: use lower case characters
- 0x4000: use upper case characters
- 0x2000: use digits
- 0x1000: use symbols
- 0x0800: use hex only (0-9,a-f) characters (if set, then no other flags can be set)
- 0x0400: use EasyVision password characters
- 0x0200: use pronounceable password characters
- 0x01FF: not used
nnn : 3 hexadecimal digits : total length of password
lll : 3 hexadecimal digits : password minimum number of lowercase characters
uuu : 3 hexadecimal digits : password minimum number of uppercase characters
ddd : 3 hexadecimal digits : password minimum number of digit characters
sss : 3 hexadecimal digits : password minimum number of symbol characters

The Password Policy 'F000010004002005003' means

F000 : use lowercase, uppercase, digit and symbol characters
010 : use at least 16 (dec) characters
004 : use at least 4 lowercase characters
002 : use at least 2 uppercase characters
005 : use at least 5 digit characters
003 : use at least 3 symbol characters

Notes: ⁴

The following values for Double Click Action are available:

-1: Use the database default
0: Copy password to clipboard
1: View/Edit selected entry
2: AutoType
3: Browse to URL
4: Copy notes to clipboard
5: Copy username to clipboard
6: Copy password to clipboard, minimize
7: Browse to URL + AutoType
8: Run Command
9: Send email