These things are frequently overblown, but it’s also probably worth knowing about.
The full list of possibly effected sites is apparently more than 4 million long. Linked below is a site with the full list, a “notable” list, and a list generated by cross-referencing against Alexa’s top 10,000 sites. I read the cross-referenced list to look for sites I have accounts with; it took a while, but I’m glad I did.
Makezine.com and thingiverse.com are the only two that jumped out at me as sites that Glowforgers might also have accounts with, but if you find more please post them below.
Oh, wait… damn.
glowforge.com is in the list of possibly effected sites
formlabs.com (use the “forgot your password” option to change it, also, since the “log out” button/link doesn’t seem to function, use a private browser window to gain access to the “forgot your password” option)
shapertools.com (use the “forgot your password” option to change it)
Very true, using a password manager can be very helpful! 2-Factor-Authentication is good too, when available, except it usually means giving the site your phone number (which I hate doing).
A related/topical Engadget/Wirecutter article…
One of the managers on the list, 1Password, is apparently a site possibly effected by this bug, though it seems that they’re saying that they actually weren’t effected.
"came down to a typo in the code that caused a buffer overrun"
One serious downside about being a programmer is knowing how really easy it is to make stupid errors which can have nasty consequences, and knowing how much really ugly/bad/sloppy horrible code is out there doing important things. scary.