Level of protection from a 2FA device in BW?

We have another NAS off site, with encrypted data transfer and encryption of the data at rest. Having all the data encrypted is better than LastPass, where the whole vault wasn’t encrypted. Hopefully the things that are unencrypted and in plain view would not be of a sensitive nature, such as text in the notes section.

I’ve researched Pi-hole but haven’t explored it yet. Got as far as downloading the Docker image for it. I point our router’s DNS to Cloudflare’s security DNS servers.

Commodity data that is packaged for resale typically doesn’t reach auction sites until months or even years after the initial breach. The buyer would then have to actually do the brute-force guessing on the parcel of vaults they have purchased (which increases your effective KDF iteration number by a factor equal to the number of vaults contained in the parcel). Thus, there will be a buffer period in which you have time to change your passwords. If your master password is reasonably strong (e.g., 5 or more random diceware words), then the length of this buffer period will be measured in centuries, even if the new owner of your stolen vault data is using a large GPU farm for cracking.


True. What about identity information? Was all of that data encapsulated in encryption?

*regarding LastPass


Not sure what you’re asking? Bitwarden encrypts all fields of all vault items, including identity items, credit card items, login items, and secure notes; even folder names are encrypted.

The only “identity information” that is left unencrypted is your Bitwarden login email. Thus, if your Bitwarden login email is [email protected], your vault may get some immediate scrutiny if Bitwarden’s vault database is ever stolen. :money_mouth_face:

I should have been clearer: I was referring to LastPass, since it was publicly made known that not everything in the vault was encrypted.

Fun fact: LastPass has been around for 15 years. I’ve been around almost 3x as long, and they’ve been hacked more than a user.

LastPass did not encrypt URLs, IP addresses used for login, real customer names, or general usage stats.

Basically the only things they did encrypt were the secure notes, usernames and passwords, plus the notes field.

They did not store billing information.

If LastPass was used in password reset incidents, the URL for the reset was stored but not encrypted.

Hopefully time has expired on those, but who knows.

My understanding is that the most probable risk is that the URL information could be used to educate phishing attacks targeting you.

Pi-hole is worthwhile setting up, it really is.

You can block off hosted advertising at DNS level automatically which is really game changing for mobile devices where advert blocking is limited.

It can also block privacy-tracking websites and known malicious sites, as well as group users to block adult sites etc. for child safety (and just general internet security).

Very easy to customise to your needs too.

I really couldn’t live without it, to the point at which I carry a Pi Zero when visiting relatives to correct their sub-optimal internet experience.

I run it on a Pi, but Docker works fine; I just don’t really want to run the NAS 24/7. If you’re doing that anyway, then go Docker, probably.

There are only two types of internet user: those that have been hacked, and those that are about to be hacked.

Or was that something about motorcycle riders? I don’t know…

There are 2 types of people on this forum: those who divide up users of the internet like you did, and those who don’t. :grinning:

Also, from what I gather, somebody tried brute-forcing a good 12-character password using an RTX 4090 and it took 69 hours using “commonly available tools”, as reported on the Technado podcast, from memory.

They had a few sessions on LastPass if you’re interested.

Fair, but it was meant in jest, Doctor B.

Unless the password was all-lowercase or all-numeric, or some other shenanigans were involved, this seems unlikely. Even for a fast MD5 hash, the 4090 can only get 164 billion guesses per second, so the average time to guess a lowercase password would be around 80 hours; however, the average time to crack a 12-character password consisting of randomly selected ASCII characters (including lowercase and uppercase letters, numbers, and special characters) would be 460 centuries.
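The arithmetic behind the figures in the post above, as an added example that is not part of the original thread. It takes the 164 billion MD5 guesses/second rate quoted above as given and assumes a 94-symbol printable-ASCII set (which reproduces the 460-century figure), a 7776-word diceware list for the earlier 5-word master-password claim, and an illustrative (not benchmarked) per-vault KDF guess rate.

```python
"""Expected brute-force time for the password figures discussed above."""
from math import log2

SECONDS_PER_YEAR = 365.25 * 24 * 3600
GPU_MD5_RATE = 164e9        # guesses/second for one RTX 4090, quoted above
PRINTABLE_ASCII = 94        # assumed symbol count (printable, no space)
DICEWARE_WORDS = 7776       # assumed list size (6^5, standard diceware)
VAULT_KDF_RATE = 1e5        # assumed, illustrative per-vault guesses/second


def keyspace(symbols: int, length: int) -> int:
    """Number of candidates for a uniformly random secret."""
    return symbols ** length


def entropy_bits(space: int) -> float:
    return log2(space)


def expected_seconds(space: int, rate: float, vaults: int = 1) -> float:
    """Mean time to hit a random secret: half the keyspace at the given rate.

    Each vault has its own salt, so every guess must be re-derived per
    vault; a parcel of N stolen vaults divides the per-vault rate by N.
    """
    return space / 2 / (rate / vaults)


def hours(seconds: float) -> float:
    return seconds / 3600


def centuries(seconds: float) -> float:
    return seconds / SECONDS_PER_YEAR / 100


def lowercase12_hours() -> float:
    """12 random lowercase letters against the fast-MD5 rate (~81 h)."""
    return hours(expected_seconds(keyspace(26, 12), GPU_MD5_RATE))


def ascii12_centuries() -> float:
    """12 random printable-ASCII characters at the same rate (~460 centuries)."""
    return centuries(expected_seconds(keyspace(PRINTABLE_ASCII, 12), GPU_MD5_RATE))


def diceware5_vault_centuries(vaults: int = 1) -> float:
    """5 random diceware words behind a slow vault KDF, per-vault rate assumed."""
    space = keyspace(DICEWARE_WORDS, 5)
    return centuries(expected_seconds(space, VAULT_KDF_RATE, vaults))
```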

It was thrown out there as a comment on the podcast, I believe, so I’m unable to verify the circumstances or even whether it’s legit.

Your comments are reassuring though, for sure. Thanks.