Skip to main content
Version: Next

Import Records

SyVault makes it straightforward to migrate from another password manager or browser. All imported data is encrypted locally before it is synced to the server.

Supported Sources

SyVault supports direct import from the following sources:

CategorySources
BrowsersChrome, Firefox, Safari, Edge, Brave
Password Managers1Password (.1pux, .1pif), Bitwarden (.json, .csv), LastPass (.csv), Keeper (.csv, .json), Dashlane (.csv, .json), KeePass (.kdbx, .xml), NordPass (.csv)
GenericCSV, JSON

Desktop App: Auto-Detect Import

The SyVault desktop app (Tauri) can auto-detect installed browsers and supported password managers on your system:

  1. Open the desktop app and navigate to Settings > Import.
  2. SyVault scans for known browser profiles and manager export locations.
  3. Select the detected source and click Import. The app reads the local database or profile directly -- no manual export step needed for browsers.
tip

Auto-detect import is the fastest and most reliable path. It reads directly from browser SQLite databases (Chrome, Brave, Edge) or profile directories (Firefox), avoiding the need to export unencrypted CSV files.

Web Vault: File Upload Import

If you are using the web vault or prefer to import from an exported file:

  1. Export your data from the source application (refer to the source app's documentation).
  2. In SyVault, go to Settings > Import.
  3. Select the source format from the dropdown.
  4. Drag and drop or browse to select your exported file.
  5. Click Parse to preview the import.
warning

Exported files from other managers are typically unencrypted. After import, delete the export file immediately using secure deletion (empty your trash, or use shred / srm on the file). Do not leave plaintext password exports on your filesystem.

Column Mapping

For CSV and JSON imports, SyVault displays a column mapping step:

  • Each detected column from your file is shown with a dropdown to map it to a SyVault field (Name, Username, Password, URL, Notes, TOTP, Custom Field).
  • SyVault auto-maps common column names (login_uri to URL, login_password to Password, etc.).
  • Unmapped columns can be imported as Custom Fields or skipped.
  • Preview the first five rows to verify correctness before proceeding.

Duplicate Detection

Before committing the import, SyVault runs duplicate detection:

  • Records are compared by URL + username combination.
  • Detected duplicates are flagged with a checkbox, defaulting to skip.
  • You can choose to overwrite existing records, keep both, or skip on a per-record basis.
  • A Select All / Deselect All toggle is available for bulk decisions.

Batch Encryption and Sync

Once you confirm, SyVault encrypts all imported records:

  1. A unique Data Encryption Key (DEK) is generated for each record.
  2. Each DEK encrypts its record payload using AES-256-GCM.
  3. Each DEK is then wrapped (encrypted) with the target Vault Key.
  4. The encrypted records and wrapped DEKs are uploaded to the server in batches of 100.

A progress bar shows the encryption and upload status. For large imports (thousands of records), expect a few seconds on modern hardware. The import is atomic -- if any batch fails, the entire import rolls back.