I supplied the first answer here and thanks guys for the great fill ins.
I wanted to add a few things. I, too, only keep my media and some innocuous documents on my DL2100 My Cloud. Any personal data, like user name and passwords, bank and CC accounts, etc. is kept in a password-protected MS Word file on my PC. If I forget a user name or password, I only have to remember one password – the one for my locked Word doc to find the others. I even periodically email it to my online email address whenever I can’t refer to it if I’m not on my computer. Wife also does same thing.
Since it is only she and I here, nobody gets into the NAS but us, so I “live dangerously” and get into the Dashboard with the default username and no password. Nobody wants my data, anyway! Even if they did, and find out the IP address of it they can’t even get into the router or beyond.
No other users on my NAS. If I want to send people files I have an unlimited online Cloud service called Pogoplug that is off site (in a real cloud) and I sometimes upload files there for people to download. That way nobody bogs down my network bandwidth either. I admit, with few users it makes it easier for me.
Oh, I did have someone get into my router once – and for a good reason, too. A few years ago there was a odd text message on my PC’s desktop. I scanned it with Norton and then opened it. Someone sharp who obviously wanted my router manufacture to fix something important, sent anyone found on the internet using same router a text file, telling us there was a hole in the router’s firewall and that anyone could get through when the SAMBA service of router was running, and advised all using samba to turn it off until Asus fixed it! A few days later Asus posted a firmware update with this very fix! After that, I have felt assured nobody unauthorized is going to get into my router again.