Set Up a Password Manager: Move Logins from Chrome/Safari to One Vault

Many people start with the built-in password saving in a browser: Chrome on a Windows laptop, Safari on a Mac, maybe an iPhone in between. It works—until you need to log in on a different device, share an account with your family, or simply want a clearer overview. Then you notice the “fragmentation” problem: the right login exists, just not in the place you’re currently using.

A dedicated password manager solves that by keeping everything in one encrypted vault and offering autofill across browsers and phones. The tricky part is the move. Export files can contain your passwords in plain text, so you want a process that is careful, predictable, and easy to undo if something looks off.

The guide below walks you through exporting from Chrome and/or Safari, importing into one vault, and doing a clean handover so you don’t keep sensitive duplicates around.

A password manager is an app (plus browser extension) that stores your logins in an encrypted database called a vault. “Encrypted” means the data is scrambled so it’s unreadable without your master password (and ideally a second factor like an authenticator code). The vault can sync across devices, so one change updates everywhere.

When you move logins from a browser, you usually work with a CSV file. CSV stands for “comma-separated values”: a simple table-like text file. The important detail: browser exports are typically not encrypted. Anyone who can open the file can read the passwords. That’s why the safest approach is to export, import immediately, then delete the file.

Treat password export files like cash: keep them around only as long as you absolutely need them.

Most modern password managers support importing from Chrome or Safari, either directly or via CSV. The exact button names differ, but the logic stays the same: get your data out of the browser’s password store, bring it into the vault, then verify a few logins before you rely on it.

Before you start moving anything, set up a safe working environment. The goal is to avoid half-imports, duplicates, and leftover export files.

Quick checklist:

• Pick one “target vault” first (your chosen password manager). Create your account and sign in on at least one desktop device.
• Update your browser and OS where you plan to export (current Chrome, current macOS/iOS). Export options can be hidden or moved in older versions.
• Use a private, trusted device. Avoid exporting on shared PCs or school/work devices with strict monitoring or shared accounts.
• Temporarily pause cloud backup for the export folder if possible. A CSV in a synced “Documents” folder can spread to other devices automatically.
• Know where the file will land: choose a local folder you can find again (and can securely delete afterward).
• Plan your “cleanup step”: after import and verification, you’ll remove export files and consider turning off browser password saving.

If you already have logins in your new manager, decide whether you want to start fresh (empty vault) or merge. Many tools don’t automatically de-duplicate, so a clean starting point reduces confusion later.

The steps below are written to work with most popular password managers. When the guide says “your password manager”, follow the equivalent menu for your app (often called Import, Tools, or Data).

1. Export passwords from Chrome (desktop). Open Chrome and go to the Google Password Manager. In current versions, you can use Chrome’s settings path (Passwords/Password Manager) and choose the export option to download a CSV file. Confirm with your device login if asked. Save the file somewhere local you can delete later (not a shared folder).
2. Export passwords from Safari / iCloud Passwords. On iPhone, Apple provides an export option from the system password storage that creates a ZIP containing a CSV. On a Mac, Safari can export passwords as a CSV as well. Confirm with Touch ID, Face ID, or your Mac login when prompted. Store the export locally and keep it only for the import.
3. Open your password manager and start the import. Look for a section like Import or Tools → Import. Choose the correct source format if offered (for example “Chrome (CSV)” or “Safari/macOS (CSV)”). This matters because managers map columns slightly differently.
4. Import Chrome first, then Safari (or vice versa). Import one source, let it finish, then import the second. If you import both at once, it’s harder to spot duplicates or a formatting issue.
5. Verify with a small “login test set”. Pick 5–10 accounts you use often (email, shopping, social, work/school portal). Open each website, use the password manager extension/app to autofill, and confirm you can sign in. If a login fails, check whether the username is correct and whether you have multiple entries for the same site.
6. Enable autofill on your devices. Install the browser extension on your desktop browser and enable autofill on iOS/Android in system settings. This is what makes the vault feel seamless day to day.
7. Securely delete the export files. Remove the CSV (and the ZIP, if Safari created one) after you’ve confirmed the import. Remember: CSV is usually plain text. Also empty the recycle bin/trash if your workflow requires it.
8. Do a controlled handover. Consider turning off browser password saving so new logins don’t “split” again. Keep the browser’s old passwords for a short transition period only if you need a fallback.

If everything worked, you should see your logins in one place, and autofill should offer entries consistently across browsers and devices. At that point, the vault becomes your single source of truth.

Problem: The export option is missing or disabled. In managed environments (school/work devices), exporting can be blocked by policy. Try on a personal device. Also make sure you’re exporting from the password manager view (not general browser data export).

Problem: Duplicate entries after importing from both Chrome and Safari. This is common if you used both browsers for the same services. Many password managers don’t auto-merge duplicates. Sort by website, keep the newest working entry, and delete the rest. If you’re unsure, rename one entry temporarily (for example “OLD”) and test.

Problem: Some logins are missing. Not every credential type exports. Apple notes that certain items (for example Wi‑Fi passwords or some shared/group items, depending on how they were created) may not be included in exports. Also check whether the login was stored in a different profile or a different browser account.

Tip: Prefer “direct import” if your manager supports it. Some tools can import directly from browsers, reducing the need for an unencrypted CSV on disk. If you see that option in your manager, it’s often the safer path.

Tip: Strengthen the vault right away. Use a strong, unique master password and enable two-factor authentication (2FA). 2FA means you need a second proof (like a one-time code) in addition to your password, which makes account takeover much harder.

Variant: Moving only part of your passwords. If you want a gentle transition, export/import first, then clean up in the vault: delete old accounts, update weak passwords, and organize with folders or tags. The key is still having one vault as the “final” place for anything you keep.

A clean move from browser-saved passwords to a dedicated vault is mostly about process: export carefully, import into one place, verify a handful of key accounts, and remove the plain-text leftovers. Once your password manager is set up on desktop and phone, you get consistent autofill, easier password changes, and fewer “which device has the right login?” moments.

Take your time with the handover. A short transition period is fine, but long term it’s best to avoid storing the same secrets in multiple places. Your future self will thank you the next time you switch devices or browsers.