For #3 I think something needs to be conveyed which gives some basic insight into the three active options. Incidentally, when I added the before+after option, level 5, the password strength indicator dropped significantly.
I wouldn't put much stock into the strength indicator. It really only serves as a guide. There has been discussion about replacing it but other features and fixes garner greater priority. The leet setting is in general is just another way to add some randomness to the recipe. I think the idea from the start is that given so many options to choose different hash algorithms, leet settings etc. are to make your password that much more secure. One could possibly argue that its overkill.
#4 is beyond me as yet. Sounds like you guys are saying something different as seems the case in many of the threads.
tanstaafl is saying an entry into this field will result in a change to your generated password. Keep that in mind, your password is
generated based on all these settings that you are choosing. If you take all these settings (master password, url, username, leet setting, modifier) and throw them in a blender, they come out the same way everytime. If one of these setting are not perfect. The password will not be generated correctly.
Picture this now. You create a new account for your bank website. You set your url, your username, the hash. You may even choose to use a leet setting and level. You have a brand new generated password that you submit to the banks registration page. Now 1 year passes by and your receive notification that your bank required you to change your password once per year for security purposes. Without the modifier you would have to either change your hash, or perhaps your leet setting. What if you prefer to use the same setting for every account you have though. You now have the option to simply put a 1 or an A or whatever in the modifier field giving you a new generated password as well as leaving all your account settings the same.
Hope this helps...