I’ve moved your post to the Ask the Community section of the forum, since it contains two unrelated comments, and no clear proposal for a new feature.
Auto-fill on page load does require the browser tab to be in focus, so this is known/expected behavior. Here is another thread on that topic:
However, the delay in the automatic auto-fill is not something I can test on my end (because I do not enable auto-fill on page load, for security reasons), so maybe other users will be able to confirm whether or not this behavior is reproducible.
I didn’t say “autofill” was bad for security, only automatic autofill (i.e., “autofill on page load”).
First, if you have set up URI matching to only check for the “correct domain”, then Bitwarden will attempt to autofill your password on every page that you visit within that domain. Even legitimate domains host third-part scripts on many of their web pages, to provide advertising or tracking services. It is easy for such scripts to inject invisible form fields into the web pages, which could trick Bitwarden into autofilling your credentials and allow the password and email to be harvested by the these third-party services. For this reason, I don’t want Bitwarden to autofill unless I’m actually on the login form for the website in question.
Also, legitimate websites can get compromised, so I prefer to have the opportunity to inspect the login form before autofilling my login credentials. Because a script can harvest your credentials as soon as they are autofilled (even before submitting the form), I prefer to only autofill on demand — e.g., using the Ctrl+Shift+L keyboard shortcut.