Last week the alarm went out about the new "Heartbleed" bug and we were informed to change all our passwords. The problem: If you changed your passwords right away and a website you use had not patched the security issue in their open source SSL, you were still vulnerable. It is not until they patch the problem that you should change your passwords.
Here is a link to a CNET article that shows you which websites have updated their security and you SHOULD now go and change your passwords.
Take a look at the list and go to each site on the list that you have a username and password on, check for password change recommended and make the change. Yes it is hard to do this but it is less painful than having your information stolen. Here is the software that I recommend for keeping your passwords safe and organized.