Heartbleed: What you should know [The Washington Post]

Check the full article for additional tools and guidance

"Q: Should you change your passwords?
A: Don’t rush to change your password.
“Security experts suggest waiting for confirmation of a fix,” CNET warns, “because further activity on a vulnerable site could exacerbate the problem.”
More than half a million Web sites are vulnerable by some estimates, or two-thirds of the Internet.
 
You can use this tool to see if a Web site is vulnerable. If it is, don’t log in until the company confirms it has updated its SSL software and changed its security certificates. After that, you can change your password."

Heartbleed: What you should know