Increasing the default number of PBKDF2 for existing accounts

A site that skips the self-promotion and instead provides an actual interactive calculator is this one:

The derivation of the widely cited 1Password cost estimate of $6 per 2^32 guesses (for 100k iterations of PBKDF2-SHA256) is not documented in Jeffrey Goldberg’s 2021 blog article, but it appears to be based in part on the reports submitted by the 1st place and 2nd place winners in 1Password’s 2018 cracking challenge. These reports show that the winning teams’ operating costs were $3.85 and $2.00, respectively, per 2^32 guesses, so I can only speculate that the $6 figure represents an adjustment to take into account capital expenses (for example, $12k spent by the winning team to acquire 21 GPUs for their rig).

To crack a 4-word passphrase (if protected only by 5000 iterations) in a realistic amount of time (say, about 4 months), an attacker would have to invest in hardware expenses including at least $150k to assemble a rig containing a hundred high-end GPUs, and then pay the operating costs for running their rig continuously for 7000 hours. For now, I’ll guesstimate those operating costs as $10k.

If you increase the iteration count to 100,000 (i.e., 20× more than 5000), this would increase the time required to crack the passphrase to almost 7 years, and increase the operating costs to $200k. The capital expenses would not be affected by the iteration count.

So if you think that an adversary with this kind of computing power and operating budget would zero in specifically on your vault for a brute-force attack, then you may want to bump up your iteration count (or better yet, increase your password entropy).

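As an added worked example (not code from the original post or from 1Password), the $6 per 2^32 guesses figure turned into a small calculator for the trade-off the post ends on: raising the PBKDF2 iteration count versus adding a word to the passphrase. It assumes that attacker cost scales linearly with iteration count and that passphrase words come from a 7776-word list; neither assumption is stated in the post.

```python
import math

# Reference point quoted in the post: about $6 per 2^32 PBKDF2-SHA256 guesses
# at 100,000 iterations (the post speculates this already includes capital costs).
REF_COST_USD = 6.0
REF_GUESSES = 2 ** 32
REF_ITERATIONS = 100_000

# Assumption (not stated in the post): words are drawn uniformly from a
# 7776-word Diceware-style list.
WORDLIST_SIZE = 7776


def cost_per_guess(iterations):
    """Dollars per guess, assuming cost scales linearly with PBKDF2 iterations."""
    return REF_COST_USD / REF_GUESSES * (iterations / REF_ITERATIONS)


def expected_crack_cost(words, iterations, wordlist_size=WORDLIST_SIZE):
    """Expected dollars to recover a uniformly random passphrase of `words` words.
    On average the attacker tries half the keyspace before hitting the answer."""
    keyspace = wordlist_size ** words
    return keyspace / 2 * cost_per_guess(iterations)


def iterations_for_budget(words, budget_usd, wordlist_size=WORDLIST_SIZE):
    """Smallest iteration count at which the expected crack cost exceeds budget_usd."""
    base = expected_crack_cost(words, REF_ITERATIONS, wordlist_size)
    return math.ceil(budget_usd / base * REF_ITERATIONS)


def words_for_budget(iterations, budget_usd, wordlist_size=WORDLIST_SIZE):
    """Smallest passphrase length whose expected crack cost exceeds budget_usd."""
    words = 1
    while expected_crack_cost(words, iterations, wordlist_size) <= budget_usd:
        words += 1
    return words


def compare_defenses(low_iter, high_iter, wordlist_size=WORDLIST_SIZE):
    """Factor by which each defense multiplies the attacker's expected cost."""
    return {"more_iterations": high_iter / low_iter,  # 5000 -> 100000 is 20x
            "one_more_word": float(wordlist_size)}    # each extra word is 7776x


if __name__ == "__main__":
    for it in (5_000, 100_000):
        print(f"4 words @ {it:>7} iterations: ${expected_crack_cost(4, it):,.0f}")
    print(compare_defenses(5_000, 100_000))
```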