The problem here is that it’s a false sense of security!
Even in real life, it’s actually quite a stretch that someone would innocently sit down at someone elses’ computer and just happen to click and open a file. I can’t really imagine a workplace where this could happen. A work computer is something quite private. It’s like leafing through someones phone, checking their dating app or email. You just don’t innocently happen to do that.
So, if someone is actually interested enough to risk the conflict, and even getting fired, to snoop around in someone elses’ computer when the rightful owner is taking a break then leaving that computer unattended and logged in to Windows is a very bad idea and once done there’s no telling what may have been installed.
For such a snooper, it’s much smarter and safer to first find a suitable listening tool software, then when the opportunity strikes spend 10-15 seconds to install it in the unattended and unprotected computer, than to sit down and start snooping around with the risk of being seen and asked awkward questions like “what the … are you doing?”.
My point being – requiring the password every time lulls the user into a false sense of security. We’d like to promote a consistent and real level of protection. Also, requiring the password every time will tend to discourage users from using really good and strong passwords, and will also discourage users for using it on many frequently used files because of the threshold to open them “Oh, no, I have type that 25 character long password again”.