[kryten]

It's unified authentication and automatic synchronization between all devices.

If you have no Internet access (as per no domain access on Windows), it uses cached credentials.

[kintamanimatt]

That's a bit more of a reasonable explanation.

It seems convenient on the surface but I can think of many ways it's a really, really bad idea: third party snooping, the possibility of being locked out of your own computer if your Microsoft account is deleted/deactivated/password changed, possible expiration of cached credentials (and therefore inability to log in) during a protracted period of internet unavailability, etc

[kryten]

ALL of those are possible and have occurred to that class of account so you've hit the nail on the head there.