User blog comment:Corey Chambers/Heartbleed Bug/@comment-75.71.212.182-20140414143013/@comment-4399679-20140414144153

If you change your password before the site patches the bug then yes you are still vulnerable. However some of the bigger websites, Facebook, Twitter, Tumblr, for example have already applied patches so you should probably go ahead and change your password for those.