1. Home
  2. Appendices
  3. Plain Text Export & Import Format
  1. Welcome
  2. About Password Safe
  3. Password Safe and YubiKey
  4. Getting Started
  5. Using Password Safe
  6. Password Safe Menus
  7. Options
  8. Appendices
    1. Aliasing Passwords
    2. Plain Text Export & Import Format
    3. Preferences
    4. Run Command
    5. Shortcut Keys
    6. Entry Icons
  9. Program Credits

Notes on Plain Text Export & Import

Warning: The Export of sensitive information from a Password Safe database to a text file has serious security consequences. This operation will create an unprotected copy of the passwords in the database. Deleting this copy after use is not sufficient and other actions should be taken to properly erase the data (e.g. third party 'shredding' utilities). The export of sensitive data effectively bypasses the security of the Password Safe program.

Note: The Export and Import to/from text files feature has been changed in V3.06. This page describes the current format.

Exported text will:

  • Begin with a Title Row as the first record in the text file
  • Use a delimiter to replace the 'newline' character in a multi-line Notes field and the period ('.') if present in the Title field. The default is '»' [Alt+0187], which may be overridden if needed.

Imported text is assumed to have:

  • A Title Row as the first record in the text file.
  • A delimiter to reinstate the 'newline' character in a multi-line Notes field and the period ('.'), if present, in the Title field. The default is '»' [Alt+0187], which may be overridden if needed.>

The Title Row for full data export currently contains the following fields by default, separated by a tab.

  • Group/Title
  • Username
  • Password
  • URL
  • AutoType
  • Created Time
  • Password Modified Time
  • Last Access Time
  • Password Expiry Date
  • Password Expiry Interval
  • Record Modified Time
  • Password Policy
  • History
  • Run Command
  • DCA
  • e-mail
  • Protected Status
  • Symbol list for password generation
  • Notes

When exporting data, you may use the 'Advanced' feature to exclude any number of these fields from the Title Row and records. The Advanced option also allows you to specify a subset of the entries to export, as shown below.

Advanced Text Export dialog box

During Import, the supplied Title Row must include 'column headings' that match exactly one of the above. If any 'column heading' is repeated, only the data in the last one will be added to the entries during import. If a 'column heading' does not match one of the above, the data in that column will be ignored during import. The fields must be separated with the field separator specified for the data in the Import Text dialog box.

Notes:
  • To import any data into Password Safe, the Title and Password fields must be present and neither blank nor empty, as it would be if adding a new entry to an existing database.
  • There is no restriction on the order of the 'column headings'.  Password Safe will use the supplied Title Row to correctly add the specified data to the right field.

Data Formats

Column Heading/Field Comments
Column Heading/Field If present, groups are separated by periods ('.'). The Title field cannot be blank, empty or contain the delimiter character.
Username
Password Cannot be blank or empty.
URL
AutoType
Created Time See note 1 below
Password Modified Time See note 1 below
Last Access Time See note 1 below
Password Expiry Date See note 1 below
Password Expiry Interval See note 1 below
Record Modified Time See note 1 below
Password Policy See note 3 below
History See note 2 below
Run command
DCA = 'Double Click Action'. See note 4 below
Shift+DCA = 'Double Click Action'. See note 4 below
e-mail
Protect
Symbols
Notes
  • The Notes field should be enclosed by double quotes ("like this").
  • The Notes field should not contain the delimiter character since on import it will be translated to a newline.

Notes: 1

Time fields can be one of the following 7 formats:

1. yyyy/MM/dd hh:mm:ss e.g., 2007/01/26 19:31:25
2. ddd MMM dd hh:mm:ss yyyy e.g., Fri Jan 26 19:31:25 2007
3. yyyy-MM-ddThh:mm:ss e.g., 2007-01-26T19:31:25
4. yyyy-MM-ddThh:mm:ssZ (XML only) e.g., 2007-01-26T19:31:25Z
5. yyyy-MM-ddThh:mm:ss±hh:mm (XML only) e.g., 2007-01-26T19:31:25+01:00
6. 0 Leave the field unset
7. now Use the time of the import operation

where:

yyyy The year in full. Value is between 1970 and 2038.
MM The month; e.g. 01 = January, 02 = February etc.
dd The day of the month
MMM The short form of the month; e.g. Jan = January, Feb = February etc.
ddd The short form of the day of the week; e.g. Mon = Monday, Tue = Tuesday, etc.
hh The hour using a 24-hour clock.
mm The minutes
ss The seconds

Note: Format '2' is the output from the ANSI C function 'asctime' and format '3' conforms to the ISO 8601 standard.

Notes: 2

Password history is represented in the exported entry record as a text field comprising a header followed by the required number of entries of old passwords:

Password History Header:

  • 1 hexadecimal digit - status for saving PWH for this entry (0 = no; 1 = yes)
  • 2 hexadecimal digits - maximum number of entries in this entry
  • 2 hexadecimal digits - number of entries currently saved

Each Password History Entry:

  • 8 hexadecimal digits - time oldpassword was set
  • 4 hexadecimal digits - length of old password
  • character string - old password>

Notes: 3

The Password Policy is represented in the exported entry record as a text field 'ffffnnnllluuudddsss' in hexadecimal format, e.g. 'F000010004002005003'. 6 hexadecimal values are contained in this format. The first value has 4 digits, all other 3.

'ffffnnnllluuudddsss' means in detail:

  • ffff : 4 hexadecimal digits representing the following flags
    • 0x8000: use lower case characters
    • 0x4000: use upper case characters
    • 0x2000: use digits
    • 0x1000: use symbols
    • 0x0800: use hex only (0-9,a-f) characters (if set, then no other flags can be set)
    • 0x0400: use EasyVision password characters
    • 0x0200: use pronounceable password characters
    • 0x01FF: not used
  • nnn : 3 hexadecimal digits : total length of password
  • lll : 3 hexadecimal digits : password minimum number of lowercase characters
  • uuu : 3 hexadecimal digits : password minimum number of uppercase characters
  • ddd : 3 hexadecimal digits : password minimum number of digit characters
  • sss : 3 hexadecimal digits : password minimum number of symbol characters

The Password Policy 'F000010004002005003' means

  • F000 : use lowercase, uppercase, digit and symbol characters
  • 010 : use at least 16 (dec) characters
  • 004 : use at least 4 lowercase characters
  • 002 : use at least 2 uppercase characters
  • 005 : use at least 5 digit characters
  • 003 : use at least 3 symbol characters

Notes: 4

The following values for Double Click Action are available:

  • -1: Use the database default
  • 0: Copy password to clipboard
  • 1: View/Edit selected entry
  • 2: AutoType
  • 3: Browse to URL
  • 4: Copy notes to clipboard
  • 5: Copy username to clipboard
  • 6: Copy password to clipboard, minimize
  • 7: Browse to URL + AutoType
  • 8: Run Command
  • 9: Send email