I have a more complicated procedure than you and I'm still pretty sure I need to go through and change a bunch of passwords. Thing is, if a website running Cloudflare for authentication has your password, it doesn't matter if you have it locked up under three layers of encryption. It went in plaintext and that plaintext is the key.
Oh yes, regardless of what I said it's definitely still cause to change passwords and make sure everything is safe. But I'm still not too rushed about it because the next step is to just refrain from storing your personal details online or linking social media accounts. The trick is to not have anything worth hacking stored online in the first place, in my opinion. Although obviously it becomes more serious when it comes to things like banking or PayPal.