If you remember, we had a chat (well, I had a rant) about passwords when Kickstarter had their user DB hacked a while back. Go read it again: I'll wait.
Just in case you've not been following the news of late, here's a very good reason to change your passwords. Herewith the non-techie explanation:
A security hole in some versions of the software that handles secure web connections has just been announced. In a nutshell, it's a programming error that allows a lovingly hand-crafted web request to undetectably coax a server into returning some of the contents of its internal memory. That internal memory is likely to contain recent unencrypted traffic - i.e. anything that passes from a browser to the site or vice versa. Session cookies. Passwords.
The bug has been out in the wild since the 14th of March 2012.
Of course, this isn't to say that someone has exploited it. But we (wearing my IT security hat here) have no way of knowing at the server end if they have done
Not all sites are vulnerable (sites running on Microsoft software, sites with an older version of the software, for example). Many of the key ones were forewarned a couple of days before the vulnerability was announced, and it is an easy fix - just upgrade the software.
Now would be a good time to go change your passwords. Just in case. (And Mashable has a list of which sites you should do it on NOW and which you should wait... which I hope is being actively updated.)
And as an aside, I have to admit now is about the time I'm seriously considering moving to a password manager that will generate and remember high-complexity passwords for me.
 leads to more technical explanation.
 but we can tell if a site is vulnerable. This list is interested on that score. Also, the password app LastPass now tells you if the site you're about to change your password on has been fixed yet, and thus, whether it's worth bothering yet.