The default settings for Windows 10 strongly encourage you to sign in with a Microsoft account. Although it's easy enough to switch to a local account, there are good reasons for connecting that Microsoft account, including the ability to easily sync settings between devices.
But that powerful account is potentially a source of headaches if your credentials are stolen or phished. To protect yourself, I recommend that you turn on Microsoft's additional security features, which require a second form of authentication if someone tries to use those credentials on an unknown device.
The option is buried deep in the web interface for a Microsoft account. Fortunately, there's an easy-to-remember shortcut:
Signing in with your Microsoft account at that page gives you access to three advanced security settings:
Note that if you turn on two-step verification, you'll need to generate app passwords for signing in to Xbox, Microsoft Outlook, and third-party apps that can't receive a 2FA code.
Given the havoc that a hacked account can cause, I strongly recommend visiting this page and tightening up your Microsoft account security.
Previous tip: Protect removable storage devices with BitLocker encryption
Next week: Another Windows 10 tip from Ed Bott