This has been a big news story for the past day or so: an encryption flaw (basically, a "hole" in the security of some websites) called the "Heartbleed" bug has been discovered. The initial reports I heard made it sound like you needed to change ALL of your website passwords; but apparently, that's not the case. Here's a breakdown of which of the websites' passwords you should change, and the ones you don't necessarily need to.

As reported at

An encryption flaw called the Heartbleed bug is already being called one of the biggest security threats the Internet has ever seen. The bug has affected many popular websites and services — ones you might use every day, like Gmail and Facebook — and could have quietly exposed your sensitive account information (such as passwords and credit card numbers) over the past two years.


But it hasn't always been clear which sites have been affected. Mashable reached out to various companies included on a long list of websites that could potentially have the flaw. Below, we've rounded up the responses from some of the most popular social, email, banking and commerce sites on the web.

Click the link below for the complete article and list. Using a good anti-virus program on your computer wouldn't hurt, either. And--please--don't use "1234abcd" or "Password" for your password...ever!

(via The Heartbleed Hit List: The Passwords You Need to Change Right Now.)