When someone else has your password, it's bad news. Even if you use different passwords for different sites, just having a compromised password for one of those sites is bad enough, especially if it's a site where you have stored valuable or sensitive information.
Several weeks ago, I read this account of Mat Honan's plight. Teenagers hackers were able to access Honan's iCloud, Gmail, and Twitter account. They destroyed data and sent offensive Twitter messages on his behalf.
Google has provided a 2-step verification method for it's users. Two-step verification is optional. This video explains the process:
Anyone using 2-step verification now? Have you found it easy? Anyone have a horror story about a compromised password?