security concerns when configuring Windows 10 to automatically log into a Microsoft account-linked user account
I have just configured my Windows 10 desktop PC at home to automatically log into my Windows 10 user account that my Microsoft account is linked to on startup. My desktop is in my bedroom upstairs and I trust my parents who I live with to not snoop around. However, I was wondering if this could have any security concerns beyond "your account is essentially passwordless when starting your PC". For example, could someone abuse this usability change to steal my Microsoft password after logging in? Could someone do so through a malicious website? Could someone do so through a backdoor in an app?
In other words: which security risks does enabling automatic authentication on startup on a Windows 10 machine using a Microsoft account bring beyond guaranteeing an attacker with physical access to a non-booted machine can access my machine?
