TexasCHLforum.com

The heartbleed vulnerability has only been known for a short time
If you have not logged in to a site in the past 30 days or so your password couldn't have been put at risk by this flaw.

Proactively changing passwords at this juncture MAY put you at more risk than doing nothing.
The fixes JUST came out in the last few days. Not every system has been updated and fixed yet.
Many datacenters literally have thousands or tens of thousands of servers to patch. That will take a while.
Logging into a site that you rarely use to change your password could expose the the old and new passwords, if the site hasnt yet implemented the fix.

If it were me I would wait a few more days.
But do what makes you comfortable.
I have a customer that logs in to all his accounts every day to make sure his stuff is still there. Even on Sat and Sunday when NO transactions happen, he still logs in every day. If you are one of those people, then by all means change your password. But I would change it again in about 2 weeks.

Edit to add quote http://www.zdnet.com/google-aws-rackspa ... TRE17cfd61" onclick="window.open(this.href);return false;
"Yahoo, for example, has advised all Tumblr customers to reset passwords to everything, however security experts have warned it may be best to wait for providers to confirm they've fixed the flaw.

"If you need to change your password on a server that is at risk due to heartbleed, then the new password you choose may be at risk due to heartbleed," Sophos' Asia Pacific head of technology Paul Ducklin said.

"And it's fair to say that there are a lot more people ready to heartbleed your new password right now than there were a week, a month or a year ago when you set the old password up.""