I have been using KeePassXC for around 10 years now, and recently decided to migrate to Vaultwarden due to the sync features and the ability to share logins between users.
However, when I import my KeePassXC export I get one of two scenarios:
.CSV export - No Passkeys are included in the export
.XML export - Passkeys are successfully exported, but Vaultwarden imports them as custom fields e.g. “KPEX_PASSKEY_CREDENTIAL_ID” that are not recognised by the clients.
My question is, how can I import my KeePassXC database into Vaultwarden and retain working Passkeys ?
Thanks!
I think you probably need to transform the XML to a Bitwarden json. The provided sample file does not include a passkey but if I export an entry myself the login entry has a key called fido2Credentials that looks like this:
"login": {
"uris": [
{
"uri": "https://www.passkeys.io/",
}
],
"fido2Credentials": [
{
"credentialId": "REDACTED",
"keyType": "public-key",
"keyAlgorithm": "ECDSA",
"keyCurve": "P-256",
"keyValue": "REDACTED",
"rpId": "www.passkeys.io",
"userHandle": "REDACTED",
"userName": "REDACTED",
"counter": "0",
"rpName": "passkeys.io",
"userDisplayName": "REDACTED",
"discoverable": "true",
"creationDate": "2024-06-14T12:34:05.183Z"
}
],
"username": "REDACTED",
"password": null,
"totp": null
},
Hope that helps.
Thanks Stefan. That definitely points me in the right direction.
I’ll try and create a script to transform the XML and adjust all the KeePass specific fields related to Passkeys into Bitwarden JSON.