The Huffington Post writes:

According to experts, it’s wise to see if the Heartbleed bug has affected the websites you visit most. CNET has compiled a list of the top 100 sites across the web that shows which sites are vulnerable to this bug. When you look at CNET’s list you’ll notice that a password change is recommended for most sites including Google, Facebook, YouTube, Yahoo and more.

Before you join the collective groan being heard around the Internet at the prospect of changing your passwords, look at the bright side. This security glitch actually offers parents and their kids an opportunity to share an important and timely “teachable” moment. Why not use Heartbleed as reason to talk to your kids [and adults!] about how and why to make safe and secure passwords in the first place?

via Heartbleed: A Teachable Moment About Passwords | Diana Graber.

Here’s a tip that most of my clients and students love for creating relatively secure passwords that you won’t forget:

• Pick 3 numbers
• Pick 3 letters
• Pick a special character like !

Now, for each website where you need a password, use the 3 numbers followed by the name of the website or service you are using and use a capital letter. Follow that with the 3 letters and the special character so that your WordPress password would be something like this:

123WordpressABC!

Like I said — relatively secure and you’ll never forget it — just be sure that your number and letter combinations are relatively random!

Update: April 11…

It doesn’t do any good to change your password in a service that has not been updated to protect itself against Heartbleed because your new password will be subject to the same concerns. Check this list of services that has already been updated and in which you can safely change your password. Other than that, be on the lookout for emails from service providers who are telling you it’s now ok to update your password in their service. Questions? Feedback?