Change Passwords due to breach?

<p>More email addresses, passwords etc were stolen again. http://www.nytimes.com/2014/08/06/technology/russian-gang-said-to-amass-more-than-a-billion-stolen-internet-credentials.html?_r=0</p>

<p>Should I change my password here at PN (http)?</p>

<p>Should I changed it on other sites I communicate with (https) that are more secure?</p>

<p>Most are stolen through phishing attacks or malware installed on your local computer - so, the distinction between sites you visit with and without SSL encryption (http vs https) isn't really all that meaningful. <br /><br />When in doubt, change passwords. Do it regularly anyway.<br /><br />But: remember that if your computer or network is compromised, changing the passwords you use won't make much of a difference at all anyway, since the new ones will get slurped right back up as soon as you use them. The real issue here is practicing safe computing in the first place - keeping your operating system and web browser up to date, not using the same password in multiple places, not signing into things you care about while using public or shared computers and devices, and not following unsolicited links in emails - all the usual stuff. If you don't fall for the most common attacks, your credentials are generally safe.</p>