I have always been curious - keylogger aside, is there any risk after typing a password into the user name field at Windows logon?
Besides someone looking over your shoulder and seeing it, not really. If just type it and never hit enter then there is no risk at all (baring key loggers and the like). If you hit enter then there is a slightly more risk. The Windows Event logger will log failed logins which will have the username there so if someone viewed the log they would see it.
For your personal Windows, there's a slim chance. For networks and applications, yes.
For applications it depends on what the application tracks in its logs. I had an application that tracked login attempts. It stored username, timestamp, IP Address and status among other info. I was able to determine several passwords by seeing an unsuccessful login attempt immediately followed by a successful login attempt from the same address. Being familiar with the userids, I could tell which ones were a result from mis-typing the ID and which ones were the passwords.
Though, since windows keeps the Event Logs, scanning the event logs for a similar situation may reveal the password.