Google Chrome: Import/Export Passwords?

google-chrome passwords import export password-management

135,373

Solution 1

As Neal said, the folder User Data is the one to look for. If you want a software solution try the extension Lastpass (or at the Google site). It allows you to save and restore password in Google Chrome as well as in Firefox, IE and Safari.

Solution 2

Enable password export in Chrome by going to chrome://flags/#password-import-export, then you can export it to CSV file.

Source: How to Export and Import passwords in Chrome browser.

Solution 3

You can also use this standalone tool called chromepass http://www.nirsoft.net/utils/chromepass.html

ChromePass is a small password recovery tool that allows you to view the user names and passwords stored by Google Chrome Web browser.

There is a option to export into your keepass password manager too.

Note: If you feel unsafe to use third-party tools, get script from here https://github.com/hassaanaliw/chromepass and run yourself.

Solution 4

I found a decision how to show all your passwords from Chromium. Tested on Ubuntu 14.04 and Chromium: Version 40.0.2214.111 Ubuntu 14.04 (64-bit). I used js script found early in search.

Output maked in format: url|login|pass

Steps:

Open in Chromium browser link to Chrome password manager: chrome://settings-frame/passwords
Open console (F12) and insert this js code:


    out="";
    out2="";
    var pm = PasswordManager.getInstance();
    var model = pm.savedPasswordsList_.dataModel;
    var pl = pm.savedPasswordsList_;

    for(i=0;i<model.length;i++){
       PasswordManager.requestShowPassword(i);
    };

After step 2 you will see all your passwords in Chromium Password manager Dialog.
And now insert this part of js code in console:


    for(i=0;i<model.length;i++){
    var item = pl.getListItemByIndex(i);
    out+="\n"+model.array_[i][0]+"|"+model.array_[i][1]+"|"+item.childNodes[0].childNodes[2].childNodes[0].value;
    out2+='<br/>"http://'+model.array_[i][0]+'","'+model.array_[i][1]+'","'+item.childNodes[0].childNodes[2].childNodes[0].value+'","http://'+model.array_[i][0]+'","","",""';
    };
    console.log(out);
    document.write(out2);

Now you see all your passwords in format i described early.
Write script on any language to import your passwords in browser like FireFox :)
Profit.

Github: https://github.com/megmage/chrome-export-passwords

p.s. I Try to use all parts of code together, but it isnt work :(

update: Chrome API based version in GitHub.

Solution 5

You could try XMarks.

I'm fairly sure that if you just copied the profile (ie the stuff in C:\Users\Username\AppData\Local\Google\Chrome\User Data\Default)from Windows to Linux, you would get everything working correctly, without any export/ import.

View more solutions

135,373

Jeffrey Blake

By day I work as a programmer/CEO/one-man-show at a small software development company called Interware Innovations. In my spare time, I'm the CEO of an online poker training site: Grinderschool.com

Updated on September 17, 2022

Comments

Jeffrey Blake almost 2 years

I recently migrated from Windows7 to Kubuntu 10.0.4. In many ways, I'm loving the change. (I never knew it could be such a seemless process to write/test scripts!)

One of the few things that is causing me any hangup is that none of the passwords that were saved in my browser are available (obviously, since it's a completely separate installation). Is it possible to export my passwords from the Windows instance of Chrome and then import them into the Linux version?
- ccpizza over 8 years
  
  An answer is available here superuser.com/a/675167/65975
- Mathieu K. over 5 years
  
  The functionality appears to be built into chrome://settings/passwords now. See the duplicate question to which ccpizza links above.
HiFi almost 14 years

I've been using LastPass for 2 years and it works great! Got it on 6 browsers on 4 different OS's
0xPixelfrost over 12 years

It seems that lastpass is not longer able to export the passwords to chrome -.- Is there already a new solution?
Jeffrey Blake about 12 years

@mmm... This is almost a month after you asked, but I wanted to answer you: I don't think you need to export the passwords with Lastpass. Just install the extension onto whichever browser you use and they will be available. From any system. The passwords are stored in their encrypted vault, so you don't have to worry about any of that on your end.
Tim Lewis almost 11 years

Perfect! I'm in the process of migrating to KeePass and this is just what I need. Thanks!
chris-l almost 11 years

The exact file where the passwords are stored is Login Data.
arod over 10 years

xmarks does not synchronize passwords anymore, gotta use lastpass
Grigory Kislin over 8 years

Thanks! For Chrome 48.0.2564.109 m it is needed to small change: replace [0] to origin and [1] to user.
Skidisaster about 8 years

I updated my github source code. Sources for Chrome 51+ and before 51 is defferent.
eapo almost 8 years

Thank You! Good solution. Just don't forget to turn off the security scanner before, because detects as a harmful software what want to stole your information.
Grogs over 7 years

Step 4 no longer works. I used the following instead: gist.github.com/Grogs/b08d1fa288c3b6bb29ee3703218c2300
Hey about 7 years

@eapo Disabling the security software detecting a program as malicious is an incredibly stupid thing to do unless the code has been at least well-reviewed, which it hasn't be because the code is not public. This program is detected as malicious by at least 17 antiviruses (virustotal.com/fr/file/…). Bonus point for being distributed over HTTP and therefore being vulnerable to tampering.
Hey about 7 years

This should be the accepted answer. It's simple, doesn't require additional software and is totally safe as it doesn't require the user to trust some unknown shady freeware.
Hey about 7 years

I don't think that the User Data part is still relevant as Chrome now stores its saved credentials in the system's keyring. Also, it should be mentioned that LastPass is a commercial service whose feature is to sync passwords "in the cloud" and which will ask you to register an account and send the passwords to them. It's not a simple "export" extension.
DavidPostill about 7 years

@YdobEmos It's labeled as malicious because it retrieves stored passwords and may therefore be used in a malicious way. NirSoft is a trustworthy company.
eapo about 7 years

anyone (except @YdobEmos) can disable the system's security scanner for the moment of using the tool, just don't forget to enable after it. ;)
Hey about 7 years

@DavidPostill May I ask what tells you that this is a trustworthy company ? Anyone can set up a website and tell users to trust them. Also, this does not solve the unsecured connection problem. Even if the code is trustworthy, nothing tells you that the binary hasn't been tampered with, which is a real attack and not a theoretical threat.
DavidPostill about 7 years

@YdobEmos Feel free to not use the program.
Hey about 7 years

@DavidPostill How is this answer helpful to anyone ? I'm raising a serious concern over this answer's security, which could cause unexperienced users to become infected, and your answer to these concerns is "just don't use it" ? I was never going to use it anyway and it's not the problem. The problem is that this software has not been proved trustworthy, is detected as a malware by several well-known antiviruses, and should not be recommended to these users without having been proven safe.
DavidPostill about 7 years

@YdobEmos I've used it, and many other NirSoft programs, without any problems at all. I've explained already exactly why it is flagged as unsafe by anti-virus vendors. They are are playing safe because it could be used by hackers to retrieve passwords. That doesn't mean the programs don't have legitimate uses and are inherently unsafe. There is no evidence that anyone has had data lost or stolen through using these or other similar password retrieval programs.
Hey about 7 years

First, "never had any problems" is not relevant to security at all. The people who used chinese smartphones also had "never had any problems" before it was discovered that said smartphones sent their personal info to shady companies without their consent. Second, you have not provided any source for why antivirus softwares flag it that way, and therefore it is nothing more than speculation. Third, binary tampering is still possible. Your third argument is just a replay of the "never had problems" one. This answer is the exact opposite of good security practice, and there are safer methods.
Arul about 7 years

@YdobEmos you can use this github.com/hassaanaliw/chromepass
Hey about 7 years

@Arul Thank you, but I solved my password extraction problem with Adam's answer, which requires nothing more than Chrome. I was raising concerns that this answer could put other users at risk while not being necessary at all. I hope my comments will at least make them think twice before running an untrusted binary downloaded over an insecure connection.
Legion about 7 years

As an update, for Chrome 59 this still works but you will need to go to chrome://settings-frame/passwords to access import/export ability after the flag
Micah Lindström over 6 years

For Chrome 63, it's back to being available from the normal "Settings" → "Advanced" → "Manage Passwords"
Admin about 6 years

For Chrome 66, it no longer works