Aren't all your user accounts currently all separate logins?
An account is an account it makes no difference if the account is on a domain controller or a cloud server.
It's the same thing.
3 monthly password changes are a waste of time too.
Increase your password complexity and at the same time increase the time between changes.
Ours have 12 months between forced changes but the passwords must be longer than 15 characters and have complexity.
Since it has been over a decade since I was in IT I would assume that multiple logins would be controlled by the domain server now. But without being connected to a domain server if I had a MS account to their cloud, it would be a second account separate to my local account. When you connect to MS you are connecting to their domain server.
Password changes and lengths depends on the Security level of the business. I knew of a company that had monthly p/w changes, which the IT guy I knew there said it was a nightmare with Users. When I got out of IT, the company I worked for was just starting to use USB Key/Card access. Just not sure how that would work if someone needed to gain access on another workstation. Maybe Level access would of been implemented...
I use to always have a Windows Server running at home along with an Exchange Server so my workstations would login to the Domain. Now being out of IT, that hobby fizzled for me. Though I will be setting up a Windows Server to run
Blue Iris on, Windows has become ridiculous over the years following the trend of everyone else after our data...thank God for Linux...which btw reminds me, is anyone here running Linux programs in Windows? WSL or is setting up a VM still the way to go? I am running Home Assistant on a VM which runs Great...