Regardless of any known security bugs one should always assume they exist and do everything they can to reasonably protect themselves from a would-be attacker.
To me, this means using a program like 1Password* so I can have unique and complex passwords for each and every site. You can also then start using unique usernames for more sensitive sites, like your bank, and making your answers to the personal questions unique in case someone tries to reset your password remotely.
These steps won't protect you from attackers exploiting this bug but they would protect all your other accounts if, for instance, you signed on to AI with your username and password but had a different username and password for your bank.
In reality you're not likely to be victimized locally by sitting in a coffee shop but rather as a result of focused teams of hackers half a world away stealing a company's user data. This makes having individual passwords, as a bare minimum, even more important to your long-term safety on the Internet.
1Password also has a nifty feature called Security Audit which details which accounts have weak passwords, duplicate passwords, and have been using the same password for 6-12 months, 1-3 years, and 3+ years to help you better manage your accounts.
For me, this means I have to remember just 4 passwords. One to log into my Mac, one to log into my iPhone (with Touch ID I no longer use a 4-digit PIN but a proper password), one to log into 1Password, and one to log into the iCloud account I use for Find My iPhone. I'm not sure how others create passwords but I like using phrases to create long unique passwords that are easy to remember. This is an example of something long I can remember as well as type in quickly: $0methingINTHEWaySheMo\/es
PS: I'd like to hear "best practice" ideas that others utilize.
* ...or LastPass or Apple's new password manager, but I think 1Password is worth paying for.