Switch to Codebook

During the BlackHatEU conference in 2012 ElcomSoft presented an analysis of 17 popular iOS and Blackberry password managers. Their results showed that most of the products are either:

  • Storing data in an unencrypted format
  • "Encrypted so poorly that they can be recovered instantly"
  • Susceptible to basic cracking techniques (i.e. rainbow tables)

The presenters noted that Codebook (called STRIP back then), using an encryption key derived through 4,000 iterations of PBKDF2-SHA1, was the most secure app, "by far the most resilient app to password cracking" and appeared to be the only application that properly implemented strong cryptography.

Since this paper was published the number of PBKDF2 iterations in all versions of Codebook has been increased to 64,000, and we've added per-page HMAC authentication to prevent tampering. We're constantly working to improve SQLCipher, Codebook's open-source, encrypted database engine.

Source: ElcomSoft

Importing your data into Codebook via CSV

One of the most common data export and import formats, Codebook readily imports CSV (comma-separated values) files with a few simple requirements. If you are switching to Codebook from another password manager that provides a CSV export, you can usually import it into Codebook by renaming some columns.

Converting Your Data with Convert to Codebook

Screen shot of Convert to Codebook interface

We've written a simple conversion tool to help new customers migrate from SplashID, 1Password, Password Safe, and SafeWallet to Codebook (although 1Password users may find it simpler to export from 1Password in CSV format). Instructions for importing your data from LastPass are also available.

The Convert to Codebook utility is free:

Convert to Codebook for Windows

Convert to Codebook generates a CSV file that you can then import into Codebook for Windows and Codebook for macOS, which have an Import feature under the File menu. CSV Import is not available on Android or iOS. Codebook for Windows and Codebook for macOS are sold separately from the mobile versions (we can't bundle purchases between the various app stores.)

Convert to Codebook only supports SplashID, SafeWallet, Password Safe, and 1Password export files. If there's some other export format you would like to see us support, be sure to let us know!