or instead of a text file, it could be a binary format, where instead of a 100-character passphrase, it's 256 bits of data representing the private key. In this case the client will not perform the first SHA-256 hash that it normally runs against the passphrase to obtain the private key.
If I could upvote this 1000 times, I would.
NXT API should be changed; it should be the client's responsibility to secure your wallet.
Also IMHO this would actually be MORE secure than what it is now, as the secret KEYS could be TRULY* random.
*-now they are the output of SHA, so the secret key is as secure as your pass
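The two wallet formats discussed above (a passphrase hashed with SHA-256 to get the key, versus a file holding the 256-bit key directly), together with the point that a hashed passphrase can never carry more entropy than the passphrase itself, as an added illustration that is not Nxt's own code or any poster's code. The `load_wallet` helper, its explicit `binary` flag and the entropy estimate are assumptions made for this example; Nxt's real file handling is not described on this page.

```python
import hashlib
import math
import secrets

KEY_LEN = 32  # 256 bits, the size of the raw private key


def key_from_passphrase(passphrase: str) -> bytes:
    """Text format: the client derives the key by hashing the passphrase once with SHA-256."""
    return hashlib.sha256(passphrase.encode("utf-8")).digest()


def key_from_binary(blob: bytes) -> bytes:
    """Binary format (proposed above): the file already holds the 256-bit key, so no hash step.

    A loader should still sanity-check what it read: exactly 32 bytes, and not an
    all-zero blob left behind by a truncated or uninitialised file.
    """
    if len(blob) != KEY_LEN:
        raise ValueError(f"binary wallet must be exactly {KEY_LEN} bytes, got {len(blob)}")
    if blob == bytes(KEY_LEN):
        raise ValueError("refusing an all-zero private key")
    return blob


def load_wallet(data: bytes, binary: bool) -> bytes:
    """Hypothetical client-side loader: the caller states which format the file uses.

    (Assumption for this example: the format is chosen explicitly rather than sniffed,
    because a 32-byte random key can look like valid text by accident.)
    """
    if binary:
        return key_from_binary(data)
    return key_from_passphrase(data.decode("utf-8"))


def generate_binary_wallet() -> bytes:
    """Create a new binary-format wallet: 256 bits straight from the OS CSPRNG."""
    return secrets.token_bytes(KEY_LEN)


def effective_key_entropy_bits(passphrase: str, alphabet_size: int) -> float:
    """Upper bound on the entropy of a key derived from a passphrase.

    SHA-256 cannot add entropy: a passphrase drawn uniformly from `alphabet_size`
    symbols carries len * log2(alphabet_size) bits, capped at the 256-bit key size.
    A raw random key, by contrast, carries the full 256 bits.
    """
    return min(256.0, len(passphrase) * math.log2(alphabet_size))


if __name__ == "__main__":
    # Constructed sample inputs.
    text_key = load_wallet(b"correct horse battery staple", binary=False)
    raw_key = load_wallet(generate_binary_wallet(), binary=True)
    print("text-format key  :", text_key.hex())
    print("binary-format key:", raw_key.hex())
    print("entropy of a 10-char lowercase passphrase:",
          round(effective_key_entropy_bits("a" * 10, 26), 1), "bits")
    print("entropy of a raw 256-bit key             : 256 bits")
```

Running it shows why the thread calls the hashed-passphrase key "as secure as your pass": a ten-character lowercase passphrase gives roughly 47 bits of key entropy no matter that SHA-256 outputs 256 bits, while the binary format gets the full 256 bits from the operating system's random source.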