With the recent security flaw in OpenSSL, now dubbed the Heartbleed bug, every major website is alerting you the change your passwords. Just this morning alone, I'm sure that most of you will have to go about and I advise that you do so now, change your Facebook, Google, Yahoo, Tumblr, GoDaddy, Dropbox and Soundcloud passwords just to name a few. Do it now and make sure that no two are alike! Lucky for me, I use AgileBits's 1Password which, by the way, is now multiple platform, so generating that 8-16 or even 24 character password is automatic. If you haven't read the various sites that are listing the vulnerable web services, I suggest your head over to either here, here or the master list and start working!
3 things you can do to protect yourself Wait for an official announcement from any secure website or service that you normally use regarding a security update.
After you've confirmed that the site or service has installed a security update, change your passwords.
For at least the next week, keep an eye on any of your sensitive online accounts (banking, webmail) for suspicious activity.
In the meantime, while websites are installing the latest version of OpenSSL to fix the bug, it would be a good idea to wait for confirmed updates on your favorite websites and services and then change your password, just to be as safe as possible.