Called one of the biggest security threats the internet has ever seen, this bug has affected so many sites: from social networking to companies like Google and Amazon, and almost two-thirds of the world.
The best advice is to change your passwords (a good habit to do anyway more often than most of us actually do). Security guidelines have long recommended to change your password every 30-90 days.
General rules of thumb:
-Don’t use only letters or numbers
-Don’t use personal names
-Don’t use phone numbers, birthdates or social security numbers
-Don’t make your password “password” or even “pa$$word”
-At least 8 characters, used in combination of numbers, upper- and lower-case letters and characters
-A favorite quote such as, “By failing to prepare, you are preparing to fail,” could become Bf2p,urftp
Find out more here with a complete list of sites affected, how they have addressed the Heartbleed bug and recommendations on whether or not you need to change your password: http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/
Editor’s note: When I first became aware of this bug I changed my Google, Facebook, and Hotmail passwords. But really think about it – how many sites do you have logins for…and stored credit card information within them? Since last week I’ve also changed my login and password credentials to Amazon, Twitter, Shutterfly, QuickBooks, Instagram, credit cards and banking institutions (even though they aren’t on the “hit list”). I just suggest every time you’re logging into some account with your old credentials, to change it – and you’ll continue to think of more each day.