Knowing your domain may help hackers and other attackers when they trying to use brute force and break into your website by guessing passwords. For that reason the WordPress + Office 365 Login can be configured to redirect anyone who enters a user name ending with your (custom or default cloud) domain e.g. john.doe@your-domain.(onmicrosoft.)com into the default WordPress login form to Microsoft instead. Of course this is not a bullet proof solution but it will surely help avoid so called brute force attacks from being successful.
For further technical details please refer to the Configuration documentation