The docs for the HTML notebook password still describe a plaintext password in the config file. I remember this was updated to use a salted and hashed password.
Good catch, will do it in my doc update.
Closed by 6b3ee09.
Update docs on notebook password.