Yeah. Especially if you use Yahoo email. People, there, are getting hacked all the time and then people in their address books start getting emails - supposedly from the account holder, saying "Help, I'm in _____ [foreign city], have been robbed and need you to send some money so I can get a replacement passport and airfare."
BEFORE you change your email password, however, examine your other email account settings, including "recovery questions" and other recovery options, such as secondary email addresses or cell-phone numbers. In some cases, the hackers change (or add to) these settings so that they receive notification when you change your password (and maybe even find out what the new one is).
As with ANY password, be sure NOT to use any information that may be easily obtainable. Don't use words that would be in any dictionary (even other languages). Don't use any names associated with you, your family, your friends, your employment, your location or your pets. Don't use birthdays, anniversaries, addresses, favourite books or movies or anything else that hackers either would be able to research about you or just run through lists of known words.
Since it's difficult for many people to remember passwords that don't fall into the above restrictions, you MAY use SOME of the above information IN COMBINATION with other, unrelated information, but try to make it as "unguessable" as possible. First of all, use at least one capital letter, at least one lower-case letter and one numeric digit (but not just adding "1" at the end - one of the first things done by too many people). Also, try to mix it up a bit - perhaps using two unrelated words and making an anagram phrase from them - just as long as the result is not just one or two dictionary words or a quote from a work of literature.
If you want maximum security and can accept having to write down a password that nobody could guess and almost nobody could remember, go to THIS page and pick a string of 10 or 12 characters from the third line of random characters. I suggest the third, since it's more varied than the first line and because some systems won't accept some of the special characters used in the second line. For example, I just went there, right now, and grabbed these ten characters from that third line: F3vknK7GYX. That kind of password is not likely to be hacked and, if it WERE, then it could mean that there was a Trojan or keylogger on a computer where you entered that password or that someone saw you type it or saw where you had written it.
One final thing: no matter what you choose to use, remember to change your passwords once in a while in order to minimise the possibility of unauthorised access.
Oops! One more thing: NEVER use the same password for more than one account, web site, etc. Otherwise, if hackers DO get a valid password of yours, they can sweep right through all the places where you use the same password.
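The composition rules in the post above, written as a local check plus a generator. This is an added example, not part of the original post: the function names are hypothetical, the word and name lists are constructed sample data, and the generator uses Python's `secrets` module in place of the web page the post links to.

```python
import secrets
import string

ALPHANUMERIC = string.ascii_letters + string.digits  # no special characters

def check_password(pw, words=frozenset(), personal=frozenset()):
    """Return the list of rules from the post that `pw` breaks."""
    problems = []
    if not any(c.isupper() for c in pw):
        problems.append("no capital letter")
    if not any(c.islower() for c in pw):
        problems.append("no lower-case letter")
    digits = [c for c in pw if c.isdigit()]
    if not digits:
        problems.append("no digit")
    elif digits == ["1"] and pw.endswith("1"):
        problems.append('only digit is a "1" added at the end')
    # Drop digits and punctuation, then look at the letters on their own.
    core = "".join(c for c in pw.lower() if c.isalpha())
    known = {w.lower() for w in words} | {p.lower() for p in personal}
    one_word = core in known
    two_words = any(core[:i] in known and core[i:] in known
                    for i in range(1, len(core)))
    if one_word or two_words:
        problems.append("just one or two known words or names")
    return problems

def generate_password(length=12):
    """Draw alphanumeric characters from the OS CSPRNG until the rules pass."""
    if length < 3:
        raise ValueError("need room for a capital, a lower-case letter and a digit")
    while True:
        pw = "".join(secrets.choice(ALPHANUMERIC) for _ in range(length))
        if not check_password(pw):
            return pw

# Constructed sample data: a tiny word list and names tied to the user.
WORDS = {"summer", "house", "dragon"}
PERSONAL = {"rover", "ottawa"}

if __name__ == "__main__":
    for candidate in ("Rover1", "SummerHouse7", "F3vknK7GYX", generate_password()):
        print(candidate, check_password(candidate, WORDS, PERSONAL) or "ok")
```

In practice the word list would be a full dictionary file and the personal list would hold the names, places and dates the post warns against.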