There are lots of different concepts flying around here, and not all of the answers are sufficiently accurate.
Encryption-
Yes, I encrypt all drives containing personal or business data, including Time Machine backups. I take my laptop a lot of places including business trips. If a computer, external drive, or backup drive is lost or stolen, I am
absolutely not interested in providing anyone with a treasure trove of open data about me, my family, and my business, our names, our legal documents, account numbers and other detailed financial asset information, photos, emails, messages, etc. I do not want all that dumped into some international identity theft cloud server. It could be an absolute disaster which I will prevent by using strong encryption, which Apple has so nicely made a very high priority for their hardware and software. For this same reason I also always enable FileVault for the boot drive and encrypt all external drives that could contain personal data.
I also don't want my photos and videos ending up on some shady AI training or stock photo server in who knows what unregulated country.
Encryption + backups means a lost/stolen laptop is not that big a deal. The hardware is insured so I can just go get a new one. The files are encrypted so personal data will not fall into the wrong hands, and I can rebuild the entire laptop just by restoring the last encrypted Time Machine backup to a new Mac.
Encryption used to be a pain because it was slow. Several years ago, Apple started enabling hardware-accelerated encryption. I think it was in the T2 chip originally? This made encryption so fast that on SSDs, it will not usually impact overall performance. Yes, encryption is much slower on hard drives, and is still best done when formatting because that takes no time at all compared to using the Encrypt command on the right-click menu. Note that if you right-click an encrypted volume, the command shows up as Decrypt.
FileVault/encryption password-
In both cases you need to remember your password. Do you use one only for all drives or one for each?
It's a lot easier to use one well-guarded password for all encrypted drives. Although with today's password managers it's somewhat workable to make a different password for each drive, but I think that gets too complicated as drives are added, removed, reformatted...
Case-sensitive-
For normal users there is no reason to turn on this obscure Unix option. For the users of this forum there is one very very strong reason to not use case-sensitive: Adobe apps don't like it. For example, if you look at the Photoshop system requirements right now, there is a line that has been in there for years:
Photoshop will not install on a volume that uses a case-sensitive file system
TouchID-
When I got my M1 MB Air and set it up I did the fingerprint procedure but never dared using it for fear it wouldn't work well.
The fact is the biometrics (TouchID and FaceID) are merely convenience features that do not replace the login password. They're just shortcuts. If you enabled TouchID/FaceID and it fails to recognize you, next the Apple device will ask you for your login password/passcode, so you are not locked out if they stop working, it just falls back to the password.
I often use my devices in public places like cafes and airports, and for that reason I LOVE the TouchID/FaceID biometrics, because when I use them, no one, and no cameras in the room, can watch or record me typing in my passwords!
