For some time I’ve been using LastPass to manage my passwords (other password managers are available!) but have never fully moved over to using it full-time, because of the ease of just getting Chrome to remember my password instead.

Well, I’ve decided, and there are very good security reasons for doing so, to move full-time to LastPass. But how to do it?

First of all, you may want to backup your Chrome passwords because, well, you never know which one you may not have noted down elsewhere. Here, there are two options…

  1. If you’re using Windows, you can use the free ChromePass tool.
  2. Alternatively, there’s a hidden export options in Chrome…
    1. Open Chrome://flags in  Chrome
    2. Find ‘Password Import and Export’ option, select ‘Enabled’ from the drop-down box and then restart Chrome
    3. Now, open the Chrome://settings/passwords page
    4. At the bottom of the list of passwords is now an ‘Import’ and ‘Export’ button. Click on Export button to save your passwords
    5. The resulting file is in .csv format and can be imported into Excel. This file includes visible passwords

Now you have a backup of your passwords, you need to sign into each Chrome browser you have synced to your account and head for chrome://settings/clearBrowserData. Make sure ‘Passwords’ is ticked, along with ‘the beginning of time’ in the drop-down box at the top. I also ticked ‘Cookies’ as well, to sign me out of all sites, so I had to immediately sign back in (and hence test if my saved passwords have captured everything!). Click on ‘Clear Browsing Data’ – it will take a short while to run but, once done, your passwords from that device have gone. Now repeat this on all the others.

If, like me, you no longer wish to store passwords in Chrome, head back into the main settings screen (chrome://settings/) and untick the box named ‘Offer to save passwords with Google Smart Lock for Passwords’. I also ticked the one above, ‘Enable Auto-fill  to fill in web forms in a single click’ for extra security.

So, passwords are now gone? Not necessarily. All of them are synced to Google’s server – if you sign into another device it will download from there and, chances are, your passwords will still be there too. If you give it time, they should theoretically wipe themselves and go away but if that doesn’t happen, you can do it yourself.

You can check what’s stored on their browser from their Chrome Sync page. Once you’ve done all of the above, head to this page and press the ‘Reset Sync’ button at the bottom. This will clear ALL the data on the Google servers and force it to upload them from all your Chrome browsers – in the case of passwords, as you now have none, nothing will be uploaded.