Stolen MacBook: should I worry about my data?
Your data is probably* safe if the following three criteria are met:
- You have FileVault turned on (full disk encryption).
- Your laptop requires a password on boot and every time you open the lid (auto screen lock).
- Your password is not well known (easy to guess).
TL;DR;
If you don't have FileVault turned on, then your data is in plaintext and anyone can read it all.
If you had a password, and that password is required every time you open your screen, AND you had FileVault turned on (or your company did), then they need to guess your password to decrypt the data.
But, if you had a dumb password, they can probably guess it. Check out haveibeenpwned.com to determine if you had a dumb password.
If you had a strong password, file vault, and your device requires you to enter a password, then you're probably ok.
Still, why not go through your accounts and reset them anyways. Now's a good of time as any. Get a password manager like 1password and let it autogenerate passwords for you.
Choose a not-dumb password (like a truly random string of 10 characters - google a pw generator) for your password manager and memorize it.
Do the same for your new laptop password.
You'll have to memorize two crazy passwords. Write them and put them in your wallet until you do remember them.
Alternate approach is the xkcd: Password Strength method of using a few words together. I personally find this easier to remember, but more difficult to type than a 10-character random password.
(*) Having all three of those three things true makes it "very unlikely" that someone will get your data; however, a motivated, and well resourced adversary, can eventually guess every single possible password you could have uses and decrypt the contents of the hard disk. That said, you have plenty of time to rotate your passwords.
I unlocked a Mac laptop that a friend "found in a bin" without knowing the password and accessed all data on it. After a quick bit of googling I created a new account and reset the existing account password. We worked out who owned the laptop previously, called her, and to my utter surprise, she said she threw it in the bin.
It was an older laptop and about a year ago (no idea what the model was) -- no idea if it applies to your laptop.
If they can access your account then they can get all your Chrome saved passwords.
Advice: reset all your passwords. Sorry.
This link describes how to reset your password (see Use Recovery Mode)