More than 270 million people in the world use Yahoo email. And a day after a massive security breach, the company has not revealed how many of those customers had their email accounts hacked. Hackers not only have access to their victims' emails, but also their email address book -- potentially exposing their friends, family and other contacts too.
"Let's say you're corresponding with me, it doesn't mean they can break into my mail, it means they have my email address and they can send me spam," said Larry Magid, technology analyst.
That would be the least of your problems.
"Now there may be people who say things in email that are compromising in both ends of the conversation, but the bottom line is, people's privacy and security have been violated," said Magid.
Worst case scenario: the hackers could gain access to your bank information or medical records. Magid says there's no way to stay completely safe online these days and passwords are the problem. He says companies need to move toward fingerprints or retina scans.
"The fact that Apple put a fingerprint reader on its newest iPhone is an indication at least one company believes there are things better than passwords," said Magid.
In the meantime, don't use the same password across multiple sites and services. Choose a password which is not easy to guess. Passwords should be long and contain a mix of numbers, letters, upper and lower case and ideally symbols. And pick a "change password" question that can't be easily guessed or mined from social media. "what day is your birthday" or "where did you go to school" are too easy. And of course, change your password -- every three months is recommended.