Just a small suggestion to improve the security a bit. To prevent prying eyes (or screen recording software) from seeing the password, it would be best to
Remove the paperencryptpassphrase div.
Set the paperpassphrase input type to password
Add another input to confirm the passphrase to avoid the user making a typing mistake.
On the plus side, by using a password input if someone makes a non-HTTPS rehost of the website, the end user will be warned by their web browser that it is not secured.
aofaon29
commented
6 years ago
Just a small suggestion to improve the security a bit. To prevent prying eyes (or screen recording software) from seeing the password, it would be best to
paperencryptpassphrasediv.paperpassphraseinput type topasswordOn the plus side, by using a password input if someone makes a non-HTTPS rehost of the website, the end user will be warned by their web browser that it is not secured.