Just a heads up to everyone that the Heartbleed bug in OpenSSL doesn't just leave HTTPS connections, but IMAPS (how your e-mail program like Mac's Mail.app) vulnerable as well. And changing your password is basically a must now, but make sure the site/service has patched the issue first before changing your password. (Most sites/services have already patched it. I'd still double check though.)
