Don't change your password. It's strange advice to hear when the so-called Heartbleed bug is leaving databases all over the web open and exposed, but it's applicable. Yes, security has been compromised for many of your favorite websites and services (including Google, Flickr and Steam, at least initially) but protecting yourself isn't quite as easy as changing your password. Unlike past exploits, Heartbleed isn't a database leak or a list of plaintext logins; it's a flaw in one of the web's most prevalent security protocols -- and until its fixed, updating your login information won't do a darn thing to protect you. What, then, can you do to protect yourself? Wait, watch and verify.

Although some companies will notify users that their services have been patched (like Google did), not all of them have or will. That means you need to be aware of which websites were vulnerable to the bug and routinely check them to see if they're back on track. Don't worry, that's not too difficult either. Sites like GitHub and Mashable have already compiled lists of popular websites, services and social networks, noting if they were affected at the time of Heartbleed's discovery, and in some cases, if they've been patched. You can check manually, too: concerned coders and even some companies have made tools available to help you suss out sites that are open to attack. Coder Filippo Valsorda has created a Heartbleed checker and thefolks at LastPass have a similar tool -- either or both will update you on the status of a site's security certificate. If it comes up clean, you're safe to change your password.

Click on above title for more.