Originally Posted by
boberonicus
This is incomplete advice. The more important concept is to have different passwords on every website, and to use two-factor authentication whenever possible.
Here's a list of vulnerable sites.
As my earlier link suggested, Bob is totally right on. Never use same password for different site and whenever possible, go with two factor authentication.
Here's another way to check if site compromised:
http://filippo.io/Heartbleed/. If you find it useful, send a small donation to the creator [Full disclosure: no relationship with creator].