[Edited to add that the post below was composed and posted before I saw David’s response above…which I will now read!]
Following up to clarify this part of my second question (and to try answering it myself):
The discussion of passphrase length in Reinhold’s Diceware FAQ suggests that I should use a 6-word passphrase (77 bits entropy), based on the fact that I “need or want strong security, but take no special precautions to protect your computer from unauthorized physical access, beyond locking the front door of your house or office”.
However, the table in this 1password blog post suggests that with 1,000 PBKDF2 iterations, using a GPU-based cracking tool, a 77-bit passphrase would require 3.5 billion years to crack. Since Bitwarden uses 200,000 iterations, this is equivalent to a 7-bit increase in entropy (log2200 = 7.6) compared to cracking the same passphrase iterated only 1,000 times. Thus, a 6-word passphrase seems like overkill.
Unless I have completely misunderstood my reading, I think that for a target like me, attackers would not bother if the mean time to crack was on the order of a decade – which would be the case for a 49-bit passphrase when only 1,000 PBKDF2 iterations are required (per the table linked above). For Bitwarden’s 200,000 iterations, it seems only 41 bits of entropy would be required – which can be achieved with 16 dice rolls. Thus, shouldn’t it be sufficient to use, say, 3 Diceware words plus one randomly chosen special character/number (or 4 words from one of the EFF short lists)?