diff --git a/src/freedombone-sec b/src/freedombone-sec
index 61ff7972..c5d544e8 100755
--- a/src/freedombone-sec
+++ b/src/freedombone-sec
@@ -69,6 +69,35 @@ LETSENCRYPT_SERVER='https://acme-v01.api.letsencrypt.org/directory'
 
 MY_USERNAME=
 
+function any_key {
+    echo ' '
+    read -n1 -r -p $"Press any key to continue..." key
+}
+
+function export_passwords {
+    detect_usb_drive
+    data=$(tempfile 2>/dev/null)
+    trap "rm -f $data" 0 1 2 5 15
+    dialog --title $"Export passwords to USB drive $USB_DRIVE" \
+           --backtitle $"Freedombone Control Panel" \
+           --defaultno \
+           --yesno $"\nPlease confirm that you wish to export passwords to a LUKS formatted USB drive." 10 60
+    sel=$?
+    case $sel in
+        1) return;;
+        255) return;;
+    esac
+
+    dialog --title $"Export passwords" \
+           --msgbox $"\nEnsure that the USB drive is plugged in then press Enter and type in the drive's encryption password" 8 60
+
+    clear
+    backup_mount_drive ${USB_DRIVE}
+    ${PROJECT_NAME}-pass --export ${USB_MOUNT}/freedombone-passwords.xml
+    backup_unmount_drive ${USB_DRIVE}
+    any_key
+}
+
 function get_protocols_from_website {
     if [ ! -f $WEBSITES_DIRECTORY/$1 ]; then
         return
@@ -725,18 +754,19 @@ function menu_security_settings {
     trap "rm -f $data" 0 1 2 5 15
     dialog --backtitle $"Freedombone Control Panel" \
            --title $"Security Settings" \
-           --radiolist $"Choose an operation:" 18 76 18 \
+           --radiolist $"Choose an operation:" 19 76 19 \
            1 $"Show ssh host public key" off \
            2 $"Password storage" off \
-           3 $"Regenerate ssh host keys" off \
-           4 $"Regenerate Diffie-Hellman keys" off \
-           5 $"Update cipersuite" off \
-           6 $"Create a new Let's Encrypt certificate" off \
-           7 $"Renew Let's Encrypt certificate" off \
-           8 $"Enable GPG based authentication (monkeysphere)" off \
-           9 $"Register a website with monkeysphere" off \
-           10 $"Allow ssh login with passwords" off \
-           11 $"Go Back/Exit" on 2> $data
+           3 $"Export passwords" off \
+           4 $"Regenerate ssh host keys" off \
+           5 $"Regenerate Diffie-Hellman keys" off \
+           6 $"Update cipersuite" off \
+           7 $"Create a new Let's Encrypt certificate" off \
+           8 $"Renew Let's Encrypt certificate" off \
+           9 $"Enable GPG based authentication (monkeysphere)" off \
+           10 $"Register a website with monkeysphere" off \
+           11 $"Allow ssh login with passwords" off \
+           12 $"Go Back/Exit" on 2> $data
     sel=$?
     case $sel in
         1) exit 1;;
@@ -768,33 +798,37 @@ function menu_security_settings {
             exit 0
             ;;
         3)
-            regenerate_ssh_host_keys
+            export_passwords
+            exit 0
             ;;
         4)
-            regenerate_dh_keys
+            regenerate_ssh_host_keys
             ;;
         5)
+            regenerate_dh_keys
+            ;;
+        6)
             interactive_setup
             update_ciphersuite
             ;;
-        6)
+        7)
             create_letsencrypt
             ;;
-        7)
+        8)
             renew_letsencrypt
             ;;
-        8)
+        9)
             enable_monkeysphere
             ;;
-        9)
+        10)
             register_website
             ;;
-        10)
+        11)
             allow_ssh_passwords
             change_ssh_settings
             exit 0
             ;;
-        11)
+        12)
             exit 0
             ;;
     esac