This research paper introduces SecretCentric, an innovative automated hardware-based password management system addressing the challenges of widely used password authentication methods, which have long been criticized for their poor performance. Password management plays a crucial role in protecting users' digital security and privacy, with key factors including password generation, storage, renewal, and reuse mitigation. Although numerous password managers and solutions have been introduced to tackle these challenges, password management automation has never been thoroughly explored. This study aims to revolutionize the field by eliminating the burden of manual password management from users by automating the entire process. Upon concluding a comprehensive survey, insights into user perceptions of password management and prevalent malpractices were identified. SecretCentric was designed to maximize the security and usability trade-off aligning with identified user expectations. Preliminary evaluations indicate that SecretCentric offers significant improvements over existing options, highlighting the necessity for an automated solution that balances security and usability in the era of increasing online services. The system's success demonstrates the importance of proper password management rather than replacement, contributing to research advancement in user authentication and credential management.

This research paper investigates the attitudes and behaviors of Sri Lankan internet users toward passwords and password managers. The study addresses the security flaws and malpractices associated with passwords and aims to identify effective password management solutions. Two surveys were conducted, one focusing on user attitudes and strategies related to passwords, and the other evaluating user experiences with decentralized offline password managers. The findings reveal that a significant portion of the participants employed complex password-creation strategies and utilized various methods for storing and reusing passwords. Male participants and individuals in the 20-29 age group were predominant in the study. Surprisingly, only a minority of participants had received training in password creation and management. The analysis also indicated that participants without training tended to create easily breakable pass-words, while those with training opted for more complex and stronger passwords. In terms of password management methods, participants without training relied on manual note-taking or memorization, while those with training pre-ferred secure password managers. Furthermore, the study found a higher prevalence of password reuse among partici-pants who used manual password creation methods compared to those who used password generators. The research underscores the need for improved password management practices and increased awareness among Sri Lankan internet users. The findings introduce novel insights into the existing knowledge of password management and lay the groundwork for developing targeted interventions and strategies to enhance security in the Sri Lankan online landscape.