
And, on OSX at least, every browser does this anyway, since the Keychain is right there to make use of and unlocking it is built into the OS. I'm really surprised Windows has no equivalent to this.


My issue with Keychain is that unlocking it once keeps it unlocked, and my sessions on my iMac last forever (I rarely turn it off or log off)

Any ideas on the best way of tackling that? Perhaps I'm using it incorrectly?


You're using Keychain correctly, but using your computer's authentication system incorrectly. Desktop environments in general (in Windows, OSX, Linux, etc.) assume that you will lock your session whenever you are not present and in control of the computer. (Thus, Keychain locks when the session is locked.) This is currently a big hassle to do, but all other security on the system is built up around that concept.

Really, PCs need something like TouchID. Or something like pairing to your phone, and then detecting it in proximity and prompting a TouchID confirmation from it. Phone goes out of proximity = computer locks.


I've found setting up a hot corner (I use the bottom left on OS X) works well for locking quickly. Quick flick of the wrist locks it no matter where the cursor is, and unlocking it is basically muscle memory for me.


Really? Cellphone?

I don't wish to encourage the culture of phone over-attachment.

I am not tethered to my phone, and I don't wish to be. It's always around here, somewhere, but not on my person unless I'm out of the house. If I get up, it is going to usually stay on the table. If I go upstairs, unless I'm using it, I'll probably leave it downstairs. I am not going to worry about keeping it in close proximity to keep my computer unlocked.


Why not? I'd say rather the opposite: I don't want a phone, I want a 3G+NFC smart card exobrain implant. Phones are just a transitional technology.


A lot of ThinkPad models have fingerprint scanners. The software connected to it sucks big time, as pretty much all oob software shipped with ThinkPads, but the hardware is there, and locking/unlocking with fingers works pretty decently. I guess we'd have to wait for Apple to discover it and fanfare it as the latest greatest invention to get any mindshare adoption of it though.


> This is currently a big hassle to do

⇧⌃⏏ is insufficient?


It's a big hassle because many of the things that cause you to get up from your computer will both distract you and require your hands: spilling coffee on the table and running to get a paper towel to wipe it up with; stopping your baby, in the same room, from touching something they're not supposed to; retrieving the next season-DVD of a TV series from your bookshelf. It would be far better if the computer "failed safe", so to speak.

Auto-lock/"screensaver mode" (wow, remember when computers had screensavers?) sort of does this, but the time the computer is most vulnerable (especially in any semi-public setting) is right after you dash away, not after it's been sitting idle for 15 minutes. When a computer's owner could come back at any minute, the best time for a social engineer to strike is the moment the owner leaves.

The last case especially (watching a marathon of some show with some friends) reveals an interesting bit of etiquette: it's rude to lock your computer in front of friends--it implicitly suggests they're likely to mess with it, and that you don't trust them enough to mess with it in a way that's merely funny, rather than potentially harmful. The great thing about an automatic proximity-based lock would be that, in going to the bathroom or whatever, the computer would always lock--so there'd be no decision to make which could be read into. (This is oddly similar to rhetoric regarding the incentive-structures of birth control pills vs. condoms.)


I suppose you are right; that's why those truly paranoid filesystem drivers delete the keys from memory after a minute or so.


You can set a timeout period in Keychain Access' preferences: http://www.macworld.com/article/1040403/workingmac.html



