So everybody’s really excited about [[wiki:Heartbleed]] and now we’re seeing helpful folks on social media urging all their friends and family to [change their passwords](http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/).
Leaving aside that your Instagram password is probably one of the least interesting things an attacker might get through Heartbleed, changing your password will only help you until the next time a security breach leaks a (hopefully) hashed password database.
Passwords alone aren’t good enough for security anymore. Fortunately, more and more sites have implemented [two-factor authentication](http://lifehacker.com/5938565/heres-everywhere-you-should-enable-two-factor-authentication-right-now/all) or [[wiki:two-step verification]].