Just receieved this email from Riot games, so if you play its time to change your password

Greetings Summoner,
Keeping your information secure is very important to us. That's why we're sorry to inform you that some of the account information you provided us may have been accessed by hackers. Most critically, some players' email address, encrypted account password, and date of birth. No payment or billing information of any kind was accessed.
As a safety precaution, please change your account passwords by logging in to euw.leagueoflegends.com and visiting the "my account" page (linked in the upper-right hand corner of the page after login). If you use the same password for accounts on other services, you should change those passwords as well.
For your security, the URL above isn't clickable. If you need to access your account, type the URL in directly. On that note, please be extra vigilant about emails you receive, especially if those emails contain attachments or links.
We're keeping this note short, but have created a forum post with much more information and the latest official updates on this situation at euw.leagueoflegends.com/board within the announcements forum.
We apologize for the inconvenience, and appreciate your immediate attention to resetting your password.
The League of Legends Security Team

Edit: ok, its europe only, the email does not state that.

I remember reading on reddit that they recommend a password reset for Eu users since the servers got hacked. Also that to not trust emails as they might be used as phishing links from the "hackers". They suggest just going to the website directly and changing it there.

EDIT: Here's the reddit post and the forum post

http://www.reddit.com/r/leagueoflegends/comments/ut08r/riot_got_hacked_change_your_password_asap/

http://euw.leagueoflegends.com/board/announcement.php?f=3

This is only for EU players by the way. For those of you freaking out that didn't read closely enough or hear about this already.

Just saw the email earlier.

Please use a good password. We compared encrypted password hashes and discovered that 11 passwords were shared by over 10,000 players each.

This is very concerning. I try to make my passwords as strong as possible, but in the end I'm only human and bound to repeat my patterns. Looks like I'll write that password generating program that I promised myself some time ago. If anyone needs it, hit me up.

@valrog: Try out Keepass. It is free, works on majority of platforms, and is very secure. Here is a quote from the site.

KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish). For more information, see the features page.

It comes with a very handy random password tool which you can use. I use it and each of my passwords are unique and created randomly. I only remember passwords for important services (like my Email) and the password to open the database. If a site ever gets hacked and your password for that site is exposed you won't have to worry about the rest of your passwords with this program. I highly recommend it to everyone that browses the internet.

@MODernChris: That looks very useful. One question, though. Where are the databases kept? On their servers, or is it a local thing?

Well, it's still orders of magnitude better than whatever the hell was I going to write... I feel like such an amateur now.

Hmm, I didn't get a mail. 

@valrog said:

@MODernChris: That looks very useful. One question, though. Where are the databases kept? On their servers, or is it a local thing?

Well, it's still orders of magnitude better than whatever the hell was I going to write... I feel like such an amateur now.

KeePass uses a local database. Although you are free to save the database where ever you want, USB-stick, server or HDD.

@mmzOne: Great. I was hoping it would be local.

Already changed my password last night. Hope they beefed up their security after this

Even though I'm in the U.S., I could do for changing my password again. It's only been 48 days or so since my last password swap. = /