So the scenario is: somebody breaks into the house, sits down at the gaming PC, and is able to poke around the local network because the gaming PC has no login password?
I wouldn't say it's THE scenario, but it's A scenario.
There's a reason IEEE says it's best practice to give IoT devices a strong username and password and to segment them away from the rest of your network, right?
