≡ Menu

travel blog adviceThere are literally thousands of travel blogs on the Internet and they come in all different shapes and sizes. Travel Blog Advice will teach you what you need to know about travel blogging including why you should start a travel blog, the potential benefits of a travel blog, and the ways to set up a travel blog.

For those of you who’ve had a travel blog for some time you may be interested in reading more about these topics.

My name is Anil Polat and I’ve been travel blogging for over 3 years and some of my other blogs include foXnoMad, Tech Guide For Travel, and How To Travel With Pets. I don’t have all of the answers but would like to share what I’ve learned about travel blogging with you. I hope that you’ll add to the discussion and leave your own tips and advice in the comments section of each post.


These are some of the most common travel blogging questions we’ve been asked. Here’s what we’ve learned over the past 12 years of blogging and want to share with you.

travel blogging laptop

What’s your process for making content?

It depends on what kind of content it is; if I’m making a video, the answer could be go outside with my tripod, find a nice view and just start. When it comes to development, that’s a totally different process, and writing is another process. Always write things down. Set out a rough plan for the day, week, and month so you can be efficient. Again, always write down your ideas. Sometimes an idea doesn’t sound very good when you write it down, but you never know how it can manifest a couple of weeks later.

How do you make most of your money? Is it through sponsors?

There are 2 ways to go about this. 1) you have to ask yourself why would anybody want to give you money? What skills do you have, what can you offer? How can you be useful to other people? That’s the first thing you need to address. After you figure that out, there are to strategies that you can go with. One, you can find one way to make $1 million. Or, you can find a million ways to make $1.

So some people are really good at finding the one way that makes one million dollars, it’s a lot more rare. But it’s a lot easier to find a lot of ways to make money and let that accumulate. So what I would say is think of your business or finances as a table, and the more legs you have for that table to stand on, all the better. You don’t need to find just one way to make money.

If you look through my site, you can see there are lots of ways that I’m generating revenue. I would say don’t try to copy something that someone is doing specifically, but maybe look at the strategies that blogs are using and see what is working for other people and maybe what isn’t working for other people.

I highly recommend that you go through a lot of trial and error. There is one case where it doesn’t matter how talented you are or aren’t at something, and that is when hard work is involved. That’s something that’s all on you. You have no excuse not to work hard. The harder you work the more results you’re going to get, and the one thing that you can do to even the playing field, the one thing that is in your control is hard work.

What are some platforms you use to spark growth for your blog?

I started blogging more than ten years ago. And at that time, there really wasn’t Instagram so I was doing Facebook and Twitter, and now I’m doing a lot more YouTube, which is something that I did start years ago and sort of gave up on. Now, I’m really getting back into it, and I really enjoy the process of making videos. I don’t really have a good answer for this question, I don’t really have a good method to spark growth. I just keep trying to be useful and help people travel smarter. I think if I keep doing that and I keep being successful with that I can help the blog grow.

Did you attend conferences to get started? 

Yes, when I first started my blog about 10 years ago, I did attend one conference, the TBEX conference, which was nice. I met some other bloggers who I’ve kept in touch with since then. But actually since then, I haven’t really gone to any other conferences. I don’t think conferences are particularly useful and I know a lot of people wouldn’t agree with me on that. But for me, I just don’t think they’re useful for what I do. They’re great for meeting people and connecting with other people but conferences I don’t think were a big part of my blog growth.

How many hours a week do you work on your blog?

That really depends, but it’s probably a lot. I don’t know exactly, but it’s well over 40 or 50 hours.

What are the type of skills that you need to know to start a blog?

How to make a website is a good one.

What are the best/worst parts of your job?

The worst parts of the job are nothing to complain about. I can’t think of one single worst part about the job to be absolutely honest with you. It’s got normal work stresses, sometimes it’s a little busier than others, but nothing really major to complain about, which is kind of nice. I guess add that to best parts about the job.

travel blogger

While travel blogs are a great way to keep friends and family in the loop about your travels, and keep a running journal of your experiences, they can also be a great way to generate some extra income. Oftentimes, the more effort and focus you can put on monetizing your blog, the more it can pay off in the long run.

Produce Quality Content

The first step to starting a successful travel blog for income may seem obvious, but it’s probably the most important. Create content that shines a light on you and your unique experience. Consistency and keeping your blog active while you travel are key; setting a schedule or a blogging calendar can help with that, and even writing a few posts beforehand can work. Producing quality content on a consistent basis will draw more people to your blog and eventually bring in people who may want to potentially collaborate with your blog and bring in revenue.

Become an Expert

Like with producing quality blog content, becoming a go-to resource on a topic or place can help build your blog’s credibility. Becoming the go-to blog on a certain place or activity, for example, will mean that there will be more eyes on your blog and the expertise you provide. This is a big draw-in for companies or advertisers focusing on the same things. Remember, while success can be defined many different ways, a successful travel blog connects a wide audience of travelers who can relate to each other and form a sense of community.

Sponsored Reviews

Once you beef up the content of your site and show versatility and expertise, sponsored reviews can be a great way to bring in money and expand your reach. Many travel bloggers have success in writing paid reviews of products or services they probably would have used anyway.

Affiliate Marketing

Affiliate links are a form of passive income, meaning once they are set up, you don’t have to spend any time making them generate income (as opposed to writing a review, for example). Affiliate links are a popular way for companies to market their products or services, and an easy way for you to earn a commission off the links placed in your blog. The amount you can earn varies, as do the affiliate link payment structures, but these are usually discussed or predetermined by companies.

Those are only a few ways to start your travel blog for income, or to turn your current blog into a revenue stream. Remember, it takes some extra effort to combine writing and travel, and to move on to monetizing your blog. It can be slow-moving and can sometimes be tedious, but if you are consistent you can work towards generating enough extra income to spend toward more travels. Good luck!

typing on a macbook pro

It’s been a while since I’ve updated my list of best plugins for WordPress Blogs (8 years, to be exact!). There are a lot more plugins available now but also more time to see which are diligently maintained, reliable, and don’t impact your site speed.

This is an updated list of WordPress plugins that still work better than ever and newer tools to add to your arsenal.

Yoast SEO – Yoast SEO is a top WordPress SEO plugin, and will help your blog rank higher in search engines. It’s also helpful to remember that guest posts can actually help SEO. Yoast is pretty easy to use out of the box but can also be finely tuned if you want to make modifications to how it handles your sites SEO.

Maintenance Mode – Still a favorite, this plugin creates an “Under Construction” page for your site when you’re doing some work on it. This way, people aren’t running into an error when you’re sprucing things up. It can also be set up with links to redirect readers to everywhere else you might be found online so you don’t lose a potential subscriber.

Akismet – I recommended Akismet in 2013 and still do today. The plugin automatically checks all comments made on your site and filters the ones it suspects are spam, making it a useful tool to handle and reduce spam on your blog. Keep in mind that won’t need this plugin if you disable comments on your site. Akismet recently began charging for their plugin if you run any ads on your blog.

WhyDoWork Adsense WP In Post Ads – The WhyDoWork Adsense plugin became defunct in 2018, but there are alternatives to the plugin if you want to make some money with your travel blog. Adsense plugins provide easy ad management without complicated code. WP In Post Ads allows you to test different ad placements and see what’s making the most money.

Google Analytics – While plugins can bring increased functionality with ease to your blog in some cases, sometimes avoiding plugins increases your site’s efficiency. This is the case with Google Analytics, which I still recommend. The tool tracks and reports website traffic, which is important if you want to make adjustments and monetize on your blog.

Sucuri Security – The cost of this service has increased from $89.99 per year (in 2013) for a single site to $199.99. That price includes security monitoring, protection, and clean up if required. The plugin helps integrate the Sucuri service into your WordPress installation. You can also leverage Sucuri to protect your sites contact form from spam messages (in case you decide not to use Aksimet).

You’ll notice this is a clean, lean, and minimalist list and for good reason. Using too many plugins can slow down your blog and also increases the chances plugins will conflict with one another or your sites theme. Stick to only the plugins you find essential and let your creative work do the rest.


Travel Blogging In 2021

travel blogging

The travel industry took a major hit in 2020 due to the COVID-19 pandemic, but things are starting to pick up again in 2021. More people have gotten a taste of the flexibility of working remotely, and a year of limited travel means that more people will be getting out as countries open up. It’s important to create a travel blog that can be successful and survive even during a time of limited travel.

Know Your Audience

Having a niche or focus is key for a successful travel blog, no matter what year it is. Writing what you know, to an audience you are familiar with (maybe they’re the same age group that you are in) will make your blog relatable and keep readers coming back to your site. Whether it’s the best travel tech, or how to travel with pets,  if 2020 taught travel bloggers anything, it’s that we’ve had to get creative with our content. Finding a theme that you can post about whether you are traveling internationally or locally will save you the stress of trying to figure things out if the world shut down again.


Networking is important in most fields of work, and blogging is one of those fields. The Travel Blog Exchange (TBEX) travel blogging conference usually has several conferences every year, all around the world. It’s a one-stop shop to meeting fellow bloggers face-to-face, and a great way to set up future collaboration with other travel bloggers.

Set Goals

Setting travel blogging goals is an essential way to ensure you’ll be consistent and make progress with your travel blog. Whether your aim is to continue a regular posting schedule, or have more meetups, setting realistic, attainable goals will keep you motivated.

Quality Is Key – Do Your Research!

Never sacrifice quality for quantity. Your posts should be original and interesting, and you shouldn’t aim to post everyday if the quality of articles starts to go down. Having a voice in your writing and creating consistent, structured posts will help your blog grow.


This is a guest post by Nick and Dariece, the couple behind Goats On The Road, a website designed to show others how to turn their travels into a lifestyle. Masters at making money abroad, they’ve been on the road since 2008 and have explored some of the least visited places on Earth.

guest post bomb

We’ve all heard of the guest post and its inherent benefits and dangers, but there is a way to exponentially increase the positive affects of a guest post on your blog’s traffic. First introduced by Adam Costa of Travel Blogger Academy, this tactic single-handedly resulted in a 35% increase in traffic at Goats On The Road. After Adam Costa gave me the idea, I gave it a try, and after the amazing success I had with the strategy, I dubbed it the Guest Post Bomb and decided to start to spreading the word.

The Pitches, Strikes and Home Runs

When you’re pitching articles to new bloggers, make sure you know what kind of articles they’re looking for. You’ll have much better success if you’re an honest fan of the blogger that you’re pitching to. Explain to them why you want to write for them, why you’re perfect for them and why you like their blog. Don’t just pretend you’re a reader. If you don’t even know who the people are that your reaching out to, then why should they take the time to get to know you? You’ll limit your strike-outs and have more home runs if you connect with blogs that you already follow.

Don’t follow 20 – 40 bloggers? Better get reading! Never pitch a blogger without reading at least 5 of their most popular articles.

baseball pitch

Photo By Saparaud via WikiMedia Commons

Be Careful!

As with every SEO and blog traffic tactic, there are pros and cons to this approach. This is a relatively new idea and you always have to be mindful when you’re testing new waters. Pointing out the pros and cons will help ensure that you’re maximizing the positive effect on your blog in the long-term, while avoiding any mistakes that could harm you down the road.

Pros (+)

+ Driving MAD traffic to your travel blog:

I know, it sounds like a lot of hype, but in my personal experience this is the single best strategy for driving huge, retain-able traffic to your travel blog. This approach is a large part of the reason that Goats On The Road has the traffic it does today, and I know that if you employ this method to your blog, you’ll have similar results.

+ Getting multiple links back to your domain to boost your authority (D.A):

Make sure that you’re linking each and every guest post back to your travel blog and not just from the dark abyss of the author’s bio! You should have one or two links in the main body of every article (depending on how many the website owner will allow) that leads back to your best blog posts. Don’t just link back to your home page. Deep links to your best posts are much more valuable.

Note: Never guest blog just to get increased PageRank and SEO results. You’re main focus should always be to write great content and have readers naturally click to your site.

+ Connecting with loads of great bloggers:

All great bloggers have made the right connections at the right times. By reaching out to so many bloggers in your niche, you’ll be forging new online friendships that could prove invaluable over time.

+ Having your name seen by hundreds, thousands or millions of new readers:

The exposure that you can harness from a GPB is only limited by your hustle, and your success in pitching big name blogs. All of those great bloggers that you’re posting for have their own loyal fans and this is your opportunity to show them that you are worth following too. Every guest post you write should be long, in-depth and captivating. This is going to increase your chances of retaining some of the traffic that will be coming your way.

+ Depending on where you write, you may be getting paid for some articles:

There are plenty of websites that will pay you for your work and many bloggers make money from freelance writing. If you can make a few hundred or a few thousand dollars while you’re doing your GPB, great, but make sure that you’re not choosing websites just because they pay. You want to be writing for top websites in your niche, not top-paying sites that don’t match your blog.

For paid freelance gigs, travel bloggers can check out this list.


This is the #1 reason that the Guest Post Bomb so powerful. We all know the importance of social proof. Think about it, when someone is searching around their favorite travel blog, foXnoMad.com, and they see your brand there because you guest posted for Anil, then the same day they head to their favorite blog help site, TravelBlogAdvice.com, and see you there again, they’ll start to think “hey, this guy’s a pretty big deal”.

ron burgundy anchorman

That is what is going to make people remember you. They’ll start to see you all over the place and they’ll feel like they have no choice but to follow you! How had they never heard of you before?

Cons (-):

– Matt Cutts warned that Google doesn’t like guest posts:

It’s true. Google is cracking down on spammy, link scheme-style guest posts on irrelevant sites. But that doesn’t mean that all guest posts are bad. Make sure that you’re posting original, high-quality guest posts on relevant sites and you’ll be fine. Also, as stated above, write for bloggers who you know and enjoy following.

“There are still many good reasons to do some guest blogging.”

-Matt Cutts in this blog Post

– You run the risk of looking spammy:

To avoid looking like a spammer, don’t over optimize your anchor texts. Never write 40 guest posts and link them all back to your site with the exact same anchors like: “Top Holidays” or “Best Travel Blog”. If you do, you’re asking for trouble.

The key is to have a healthy link profile, with plenty of branded, soft anchors and long tail keywords, which will ensure that your site looks more natural in the eyes of the Google Gods. For every keyword anchor you have, you should also build a branded anchor (ie: “Your Brand” or “YourBrand.com”).

no spam

Another way that you may look spammy is if you make the mistake of writing the same post twice. Every single post has to be 100% original and never published anywhere else online (including on your own blog). Google penalizes sites that have duplicate content so make sure that every paragraph is new and unique.

Of course, if you’re spamming, you’ll look like a spammer. Never send out bulk, generic emails to numerous blogs, never publish half-ass posts anywhere you can and never guest blog solely for the purpose of increasing your PageRank.

– You’ll get rejected a lot:

Have thick skin and get ready to hear “no” thrown back at you a few times. If you’re pitching 20 – 40 bloggers in a month, there’s a good chance that some of your ideas won’t jive with their flow. That’s fine! Don’t let it deter you from asking big name bloggers in the industry. Just keep on trying and eventually you’ll get your name seen on some amazing sites.

I once pitched Max at GoNomad.com 4 different articles before he finally accepted one! While you should never heckle a blogger, sometimes you’ll need to try more than once to get an article accepted.

– It’s a ton of work:

There’s no doubt about it, it’s a lot of work writing 20 – 40 awesome blog posts, but it’s definitely worth it. If you’re worried about investing too much time into this approach, then start with just 10 guest posts published on the same day. You’ll see some serious traffic growth and after that, you’ll be ready to publish as many as you can to continue the progress. It is definitely a lot of work, but I can tell you from experience… it’s worth it!

How To Make The Most Of Your GPB

When you’re doing your Guest Post Bomb, you’re going to want to make sure that you’re maximizing your return in every possible way you can. What are your goals for the GPB? Is it simply to drive more traffic to your site, if so, you may want to reconsider your motives.

Traffic is great, but it should be your secondary aim. There are a few things that you should have in place to ensure that you’re converting drive-by readers into long-lasting fans and potential customers. Below are some tips to help you better capitalize on your GPB.

Have a product:

Whether it’s an e-book, a consultancy course or a T-shirt collection, have something that you’re new readers can purchase. Just make sure that you’re not too pushy in your approach. If they come to your site and a huge pop-up appears that says “BUY THIS!” they may just click away before reading anything.

ebook in library

Image By Maximilian Schönherr via WikiMedia Commons

Allow readers to subscribe:

Whether you have a product or not, you should always make it easy for new readers to subscribe to your blog. If you get an email address, then your newsletter will remind your new fans just how awesome your travel blog is!

Link back to your most valuable resource:

Have you written an extensive guide or a useful post that you want to have shared? Make sure that you link back to it from your guest posts. If people come to your site and immediately see solid, memorable content, then they’ll be more likely to stick around.

Pitch, Write, Publish and BOOM!

Now is the perfect time to start your Guest Post Bomb. Start pitching your favorite bloggers and top bloggers in the travel industry, then get ready to write a lot of WOW-worthy guest posts, have them all publish on the same day and BOOM! When your Guest Post Bomb explodes, you’ll see some huge traffic that won’t just disappear over time. After you’ve tried it, come back here, leave a comment and tell us how much traffic you earned! We’re sure that you’ll be happy that you read this post.

You can learn more about how Nick and Dariece turn their travels into a lifestyle on their site, Goats On The Road. They’re also full-time contributors at Credit Walk where they share their expertise of long-term travel. Follow them on Twitter, Facebook, Google+ and YouTube.

macbook pro 15 inch keyboard

Some time has passed since I wrote my 13 recommended WordPress plugins for travel blogs and while I can still vouch for a few of those, in many cases it’s time for an update. WordPress itself has extended its functionality to incorporate what once required plugin support while savvy coders have expanded their plugins to encompass others. All of this means that some plugins aren’t useful or needed any more while in other cases it’s better to simply add a bit of code directly into your WordPress site itself.

  • All In One SEO Pack WordPress SEO – I perform extensive SEO testing on a number of WordPress websites and since I updated this list last, the results have strongly favored WordPress SEO. Although it’s prone to conflict with other plugins you may have running and not exactly intuitive to set up, putting some effort into a careful install plus brushing up on proper configuration can markedly improve your travel blog’s search engine visibility. (Download WordPress SEO)
  • good photo of Peregrine FalconGoogle XML Sitemaps – It’s now integrated into WordPress SEO plugin, killing two birds with one plugin stone.
  • Maintenance Mode – This plugin creates a nice little ‘Under Construction’ page for your site. It’s customizable, easy to use, and should only be activated as needed. (Download Maintenance Mode)
  • Spam Karma Akismet – Spam Karma is no longer updated but Akismet does a great job of replacing it. Bundled with every WordPress installation, if you’re not already using it, you can download Akismet here.
  • TinyMCE Advanced – Adds a number of icons to your post editing screen that were lost a many WordPress updates ago. It makes it easier to insert video, adjust pictures, and change font sizes. It’s worth mentioning however that TinyMCE Advanced tends to conflict with other plugins, when in doubt, it’s the one to check. (Download TinyMCE)
  • Whydowork Adsense – If you use Google’s Adsense to make some money with your travel blog, this plugin makes it easier to put ads – or any other code for that matter – within posts. You can even configure it to show ads X number of days after a post is published or in random spots. (Download Whydowork Adsense)
  • danish mailboxesWP-ContactForm Contact Form 7 – More stable than my previous recommendation, Contact Form 7 lets you create contact pages like this and place it anywhere on your travel blog. It also comes with a built-in spam filter plus additional formatting options. (Download Contact Form 7)
  • WP-DBManager – Although WordPress comes with a built in database backup utility, this plugin lets you create backups at intervals of your choice and can be configured to automatically optimize your database every month, although I would suggest activating this feature on an as-needed basis. (Download WP-DBManager)
  • Yet Another Related Posts Plugin (YARPP) – Both Outbrain and nRelate do a better job of showing recommended posts beneath an article, although they’re not specifically sorted by relation to the topic at hand.
  • Yoast Breadcrumbs – Now integrated into WordPress SEO.
  • Sucuri Security – The service costs $89.99 per year for a single site which is a bargain considering that price includes security monitoring, protection, and clean up if required. The plugin helps integrate the Sucuri service into your WordPress installation. (Download Sucuri Security)

Generally, I try to be relatively consistent with the plugins I use across foXnoMad, Travel Blog Advice, and my other blogs, but these aren’t all of the ones I use. The others perform site-specific functions but try to remember when it comes to plugins, less is more. A cluttered installation of plugins on your WordPress back-end can slow or shutdown pages when conflicts inevitably occur.

Many travel blog dilemmas, like forcing external links to open in new tabs, using a trailing slash for site speed and improving SEO or enabling SSL for password security can be accomplished with a few lines of code in the right place.

What are some of your favorite and go-to WordPress plugins you would add to the list above? I look forward to hearing your recommendations, in the comments below.


kira zalan live chatOver on foXnoMad from 7pm-9pm US EST today, Thursday November 7th but you can leave your questions below or directly in the chat comments here right now. In addition to writing, she’ll also answer any questions you may have on pitching stories to publishers, coming up with a good story, and breaking into the writing world. I hope you have time to take advantage of the opportunity and think you’ll find some excellent travel blog advice.

porto portugal windows

Although there are both sides to the debate on whether you should or shouldn’t force all external links to open in new windows, if you decide to, don’t use a plugin to complete the job. With a few simple lines of code you can have links pointing to sites outside of your travel blog open in new tabs or windows when users click on them. Doing so potentially keeps people on your blog longer while not using a plugin helps you avoid potential conflicts with others you may be running.

Open Your functions.php File

You can find and edit your functions.php file in one of two common ways. Either through the editor in the WordPress admin interface (Appearance > Editor) or through FTP (wp-content > Themes > [Your theme in use] > functions.php). Once the file is open, copy and paste it to another file or your desktop, so you have a copy in case something goes wrong.

texas state capital buildingTwo Important Things To Note

The first is that some themes, like versions of the popular Thesis, have custom function files. You’ll want to place the code there if that’s how your particular WordPress theme is setup. (They do this to make themes more flexible with updates.)

The second is to place the code right above this – ?> – at the bottom of your functions.php file. Not doing so will either break your theme completely or result in lines of code hanging in your header. (Placing the code after the ?> or at the very top of the functions.php file are the two most common mistakes I find people make.)

Insert This Code

Be sure to replace “YOURSITE” with your particular domain name.

function autoblank($text) {
$return = str_replace(‘href=’, ‘target=”_blank” href=’, $text);
$return = str_replace(‘target=”_blank” href=”http://YOURSITE.com’, ‘href=”http://YOURSITE.com’, $return);
$return = str_replace(‘target=”_blank” href=”#’, ‘href=”#’, $return);
$return = str_replace(‘ target = “_blank”>’, ‘>’, $return);
return $return;

To have all links left by your readers in the comments section open in new windows as well, simply add these two lines to the code above:

add_filter(‘the_content’, ‘autoblank’);
add_filter(‘comment_text’, ‘autoblank’);

Hopefully now you’ve got all of the links you want opening up in new tabs or windows (which one depends on the browser settings of the viewer). In case you do notice errors, check the first two points above, and if all else fails, simply delete the code from your functions.php file.

Other Methods And Useful Lines Of Code

There are a number of alternate ways to do the same thing although I prefer this method over using jQuery. Using PHP reduces the chances of you running into code conflicts and will likely keep your travel blog loading faster as well. A few lines of code can go a long way, like using a trailing slash for site speed and improving SEO or enabling SSL for password security.

macbook pro keyboard

No security is absolute and there isn’t a single password perfect enough to protect you from every type of hack that exists now or will in the future.

Unfortunately there’s no mystical password out there in the ether to that can secure all of your online accounts forever. One great password isn’t nearly enough. You need a layered password strategy that requires a unique login for each of your online accounts. But that same technology that forces you to have multiple passwords – giving you a headache – can actually relive you of having to do any additional brainwork at all.

Security Is A Strategy, Not A Solution

We tend to focus on the endpoints of security like a metaphorical egg. Hard shell around the exterior but once it’s cracked, nothing stopping you from the yolk. Having multiple passwords is like adding shell after shell to your online world and identity, so if someone does hack an account, they’re limited in what they have access to.

What most hackers do when they gain access to any of your online accounts is not immediately try to empty out your bank account. They’ll use your email address to identify other accounts, hoping you’re using a single password for all of them. Slowly gathering information, they’ll then take what they can get, whether it’s personal messages, money, or your questionable spring break photos. When you’re only using a single password, you can never been sure what’s been stolen if one of your accounts is compromised.

So, rather than having to change all of your passwords, set up multiple passwords so you only have to change one when the day comes you get hacked. Luckily, technology is on our side to do most of the work for us.

keepassxTools To Create And Track All Of Your Passwords

Don’t bother trying to conjure up complex passwords you’ll end up forgetting and resetting over and over. Your brain is the most complex computer in the known universe, use it for what its good at, which isn’t coming up with passwords.

  • KeePass (free) – My favorite password management tool, it lets you store all of your account usernames and passwords on your hard drive in an encrypted folder. You only need to remember the single KeePass password, then just copy and paste passwords as you log into Facebook, email, and your bank accounts. KeePass is also available on iOS, Android, Blackberry as a mobile app, which you can sync with your desk or laptop.

I have over 100 passwords stored on my KeePass, one for each account that’s randomly generated as complex as a given site will allow. Typically, my passwords are 16-22 characters long with numbers, symbols, upper and lower case characters.

And I don’t know any of them except two. One is to KeePass itself, and the other is to my email account. All of the other places I log in regularly: Twitter, Facebook, and my blog require me to copy and paste the password from KeePass into the site. That’s literally 4 mouse clicks for some peace of mind. Not only do I not have to remember much, it’s quick – and I can probably log into all of my accounts faster than you can type in even the crappiest 123password!

  • Lastpass is an another free password manager. Easy to use. The premium version, which you’ll need for your mobile devices, costs $12 per annum.
  • 1Password is a sophisticated user-friendly solution, but it comes at a price. There’s a 30-day free trial period, after that, depending on the licence you want (family, pro, single), prices start at $49.99.

Passwords Aren’t Absolute – Use The Next Step When You Can

There are a number of ways to hack an account that’s secured by password only. A hacker may try guessing the most common passwords, breaking the site, or fooling you into revealing some of your account information. (Like this attack last year against Tumblr.) It’s easy to steal what someone knows – which is why many sites take advantage of two-factor authentication – something you have combined with something you know.

Both Paypal and many HSBC banking accounts have the option of two-factor authentication; in the form of a small password-generating token they send to you for $5 or less. These small devices display a new number every 30-60 seconds which you need to enter with your password. Just having the password isn’t enough.

Many financial institutions offer hardware tokens but typically don’t advertise them for consumer accounts. Call you bank and other money-managing service providers to see if they’ve got tokens available for account logins. That way, if your password is compromised, the attacker won’t be able to get into your account. Unless of course you didn’t follow my advice above and are using the same password for each login.

Don’t Just Keep Tweaking The Same Password Ending

It’s important, which is why I mention it again, that you don’t come up with your own passwords. Even if you tweak the same password root for each account (e.g. Kermit123!, Kermit-5566, etc.) for a computer doing the guessing, it really doesn’t matter at all. The most used password roots are widely known and generally consist of real words, sequential numbers, and proper names.

Go random and use a unique password for each of your online accounts, otherwise you’re only fooling yourself into feeling secure.

Rules To Login By

As a reminder, these are the basic best practices you should follow.

  1. Use A Password Manager – KeePass or LastPass are my personal recommendations.
  2. Generate A Unique Password For Each Account – Both programs can create randomly generated passwords for you. Use this feature and don’t bother trying to remember any of them, except the password for the password program itself.
  3. Ask Your Banks For Tokens – If they don’t offer them, suggest that they do.
  4. Don’t Send Your Passwords Over Email – It’s like writing your personal secrets on a postcard. If you do have to send a password, use Skype (chat or voice). The connections are encrypted.
  5. Any Password You Came Up With In Your Head – …isn’t a good password. Magicians have known for a long time, we all tend to pick the same random numbers.

You Know What To Do So Do It Now!

A dedicated 15 minutes should be about what you need to download one of the password managers above, generate passwords for each of your accounts, and then go online and change each one. A quarter of an hour is a small amount of time to pay compared to the effort it takes to recover from a hacked email, bank, and Facebook account. Oh and Twitter. Because you used practically the same password for that too.

Finally, keep in mind that none of your online accounts aren’t worth using a unique and randomly generated password. That off-the-cuff password you selected for your unused Pinterest account can reveal a lot about you.The first step, for a hacker, is the hardest; after that it depends on you.

I originally published this post on the Travelllll, which will be closing its digital doors at the end of the month.

{ 1 comment }