In the wake of the Heartbleed OpenSSL bug, I think we need a new feature supported in all password managers – the ability to en masse flag all passwords as compromised. Once this happens, when you visit a site with a flag password, you are prompted to change it. Further, you could look at a list and doing some js magic, auto-open tabs with each impacted site, one at a time. As you change them, the flag is cleared in the password manager, and you can easily track how well you are keeping yourself covered.

From my limited investigation, LastPass.com‘s password manager and the iCloud Keychain do not support anything like this.