A secure voting feature was originally created by Tokenika. All credit goes to them. I, ColinTalksCrypto, simply modified this feature to allow the secure change of active permissions on an account.
Unlike its on-line equivalent, an off-line transaction that is done properly never exposes your private key to the outside world at any point. Thus the risk of being hacked is substantially reduced.
The main idea is to generate a transaction while completely off-line, and to make sure the private key is used only for signing the transaction and is never exposed afterwards. The actual signing and key handling process uses only the official, unmodified EOSIO codebase. Thus the eosjs library is the only external dependency, while the rest of the code is pretty short and simple.
The process of the off-line transaction is divided into three simple steps, each of them in the form of an HTML page:
NOTE: Step 2 is to be done OFF-LINE, ideally on a computer which has never been connected to the Internet. You must have the file "eos.js" in the same directory as the HTML file in step #2.
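The split described above, where the key is used only on the off-line machine and only the signed result leaves it, is shown here as an added example (not code from Tokenika or ColinTalksCrypto). Node's built-in crypto module stands in for eosjs and a JSON string stands in for an EOS transaction; the function names, account name and key placeholders are hypothetical.

```javascript
// Added illustration, not the project's code. Node's crypto module stands in
// for eosjs; a JSON string stands in for a serialized EOS transaction.
const nodeCrypto = require('node:crypto');

// OFF-LINE machine: the only place the private key is ever loaded.
function signOffline(unsignedTx, privateKey) {
  const payload = JSON.stringify(unsignedTx);
  const signature = nodeCrypto.sign('sha256', Buffer.from(payload), privateKey);
  // Only these two fields leave the off-line machine.
  return { payload, signature: signature.toString('hex') };
}

// ON-LINE machine: holds the public key only. Verifies the exact bytes that
// were signed before parsing them; returns null if anything was altered.
function checkBeforeBroadcast(pkg, publicKey) {
  const ok = nodeCrypto.verify('sha256', Buffer.from(pkg.payload), publicKey,
    Buffer.from(pkg.signature, 'hex'));
  return ok ? JSON.parse(pkg.payload) : null;
}

function demo() {
  // Throwaway secp256k1 key pair generated for this demo.
  const { publicKey, privateKey } =
    nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'secp256k1' });
  // Constructed stand-in for an active-permission change.
  const unsignedTx = {
    account: 'exampleacct1',
    permission: 'active',
    newKey: 'EOS_PLACEHOLDER_NEW_ACTIVE_KEY',
    expiration: '2030-01-01T00:00:00',
  };
  const pkg = signOffline(unsignedTx, privateKey);
  // Simulate the new key being swapped while the file is in transit.
  const tampered = {
    ...pkg,
    payload: pkg.payload.replace('EOS_PLACEHOLDER_NEW_ACTIVE_KEY',
      'EOS_PLACEHOLDER_OTHER_KEY'),
  };
  return {
    fields: Object.keys(pkg),
    accepted: checkBeforeBroadcast(pkg, publicKey),
    rejected: checkBeforeBroadcast(tampered, publicKey),
  };
}

console.log(demo());
```

Checking the signature over the transported bytes before parsing them means a payload altered between the two machines is dropped rather than broadcast.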
Secure, Offline EOS Utilities is open-source software created by Tokenika, an EOS block producer candidate. The source code is available at https://github.com/tokenika/secure-bp-voting under the MIT Licence. An HTML version of this document is also available at this URL: https://tokenika.github.io/secure-bp-voting. It has been modified by ColinTalksCrypto to allow secure active permission key changing.
The code is offered to the EOS community for peer review. Tokenika and ColinTalksCrypto take no responsibility for the execution and the results of the execution of this code. Please review it to ensure its security before using it. This code is provided as is, under the MIT Licence.