The advice comes after a flaw known as the Heartbleed bug was revealed earlier this week.
Security researchers say potential hackers could exploit the flaw to access personal information stored in computer memory, including your e-mail and passwords.
Some major websites - including Yahoo, Google, Facebook and YouTube - have already taken steps to secure their sites.
Experts say you can go ahead and change your passwords to those sites.
But they recommend confirming some other sites have fixed the bug before you update your password, because if it's not fixed, your new password could be compromised too.