Good point. The sites for which I did create new passwords had issued new certs within the last week or so, but I hadn't really given adequate consideration to the possible ramifications of what might occur were I to create a new password on a site that did not yet have all its ducks in a row.