DALLAS (KRLD) — An encryption flaw known as the “Heartbleed” bug is being called one of the biggest security threats the internet has ever seen.

Security departments around the world are working overtime to address the bug, which has has been active for more than two years.

READ MORE: Husband James Marcus Neves Charged With First Degree Murder After Killing Wife Vanessa Neves

The Heartbleed bug is a vulnerability in the popular OpenSSL software, which allows protected information to be stolen — including passwords.

Some experts have been suggesting that users change every online password out of caution, but is that totally necessary?

Lance Ulanoff, the editor at large at Mashable, tells KRLD that users don’t need to overreact.

“That actually doesn’t make sense. You don’t know that the site has done its work — if it hasn’t update itself or is not clear of this vulnerability. If you change your passwords now and that site still has a problem, those passwords could still be stolen.”

Instead, Mashable has analyzed the major sites that people visit everyday, determining whether or not a password change is needed.

READ MORE: Houston Woman And Boyfriend Arrested After Child's Skeletal Remains Found Among Abandoned Siblings

“One thing that’s really important to understand here is that, while this is a really widespread problem and many sites use what’s called OpenSSL, a lot of sites don’t.”

A full list of the sites and passwords that you need to change can be found here.

(©2014 CBS Local Media, a division of CBS Radio Inc. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed.)

Latest News:

[display-posts category=”news,sports” wrapper=”ul” posts_per_page=”5″]

Top Trending:

MORE NEWS: Judge Rejects Challenge To Southwest's Vaccine Mandate