By now, you've probably heard of Heartbleed, a bug in an SSL encryption program used by 66 percent of all websites worldwide, according to Netcraft's "April 2014 Web Server Survey."

Because the bug existed unreported for two years, hackers may have taken advantage of it without leaving a trace on websites. This means that the information stored on these sites, including passwords, may have already been compromised. The good news: Most banks do not use this encryption, but many social media and email websites do.

Experts advise that users change passwords on affected sites being patched and keep an eye on online accounts for suspicious activity. Here are two ways to check if sites you use have been affected.

1. Mashable, a website that disseminates news, information and resources, has provided a list of major websites and whether they have been affected by Heartbleed, if the affected sites have already applied a software patch and if you need to change your password. Go to on.mash.to/1mYPZjM. CNET also has a list at cnet.co/1n7dF2w.

2. LastPass, a password manager site, has created a page where you can check whether specific sites you use have been affected. Go to lastpass.com/heartbleed.

Penny trial latest ... One injured in LIE tanker crash ... Fires on LI Credit: Newsday

Vet gets $2.3M in alleged assault by cops ... Penny trial latest ... Suspect in resort killing found dead ... Family wheely racing

Penny trial latest ... One injured in LIE tanker crash ... Fires on LI Credit: Newsday

Vet gets $2.3M in alleged assault by cops ... Penny trial latest ... Suspect in resort killing found dead ... Family wheely racing

SUBSCRIBE

Unlimited Digital AccessOnly 25¢for 6 months

ACT NOWSALE ENDS SOON | CANCEL ANYTIME