diff --git a/src/ripple/basics/Log.h b/src/ripple/basics/Log.h index 0ca8a61809..9a3ccc9656 100644 --- a/src/ripple/basics/Log.h +++ b/src/ripple/basics/Log.h @@ -230,10 +230,6 @@ private: maximumMessageCharacters = 12 * 1024 }; - static - std::string - scrub (std::string s); - static void format (std::string& output, std::string const& message, diff --git a/src/ripple/basics/impl/Log.cpp b/src/ripple/basics/impl/Log.cpp index 0deef8a0ab..854eef0df2 100644 --- a/src/ripple/basics/impl/Log.cpp +++ b/src/ripple/basics/impl/Log.cpp @@ -289,26 +289,6 @@ Logs::fromString (std::string const& s) return lsINVALID; } -// Replace the first secret, if any, with asterisks -std::string -Logs::scrub (std::string s) -{ - using namespace std; - char const* secretToken = "\"secret\""; - // Look for the first occurrence of "secret" in the string. - size_t startingPosition = s.find (secretToken); - if (startingPosition != string::npos) - { - // Found it, advance past the token. - startingPosition += strlen (secretToken); - // Replace the next 35 characters at most, without overwriting the end. - size_t endingPosition = std::min (startingPosition + 35, s.size () - 1); - for (size_t i = startingPosition; i < endingPosition; ++i) - s [i] = '*'; - } - return s; -} - void Logs::format (std::string& output, std::string const& message, beast::severities::Severity severity, std::string const& partition) 
@@ -334,13 +314,46 @@ Logs::format (std::string& output, std::string const& message, case kFatal: output += "FTL "; break; } - output += scrub (message); + output += message; + // Limit the maximum length of the output if (output.size() > maximumMessageCharacters) { output.resize (maximumMessageCharacters - 3); output += "..."; } + + // Attempt to prevent sensitive information from appearing in log files by + // redacting it with asterisks. + auto scrubber = [&output](char const* token) + { + auto first = output.find(token); + + // If we have found the specified token, then attempt to isolate the + // sensitive data (it's enclosed by double quotes) and mask it off: + if (first != std::string::npos) + { + first = output.find ('\"', first + std::strlen(token)); + + if (first != std::string::npos) + { + auto last = output.find('\"', ++first); + + if (last == std::string::npos) + last = output.size(); + + output.replace (first, last - first, last - first, '*'); + } + } + }; + + scrubber ("\"seed\""); + scrubber ("\"seed_hex\""); + scrubber ("\"secret\""); + scrubber ("\"master_key\""); + scrubber ("\"master_seed\""); + scrubber ("\"master_seed_hex\""); + scrubber ("\"passphrase\""); } //------------------------------------------------------------------------------
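Review bot: The `scrubber` lambda masks only the first occurrence of each token, so a message that carries the same key twice (for example a request logged together with its echo) still writes the later value to the log in clear text. The closing-quote search `output.find('\"', ++first)` also stops at the first quote character it meets, so if the logged text is serialized JSON, a passphrase containing an escaped quote would be masked only up to that quote and its tail would remain readable. I would loop over every occurrence and step over backslash escapes when locating the end of the value, as sketched below. Separately, the mask keeps the value's exact length; a fixed-width mask would avoid disclosing how long a passphrase is. `Logs::format` begins above this hunk, so only the tail of the severity switch is visible here.

```cpp
    auto scrubber = [&output](char const* token)
    {
        auto const tokenLength = std::strlen (token);

        // Mask every occurrence of the token, not only the first one.
        for (auto pos = output.find (token);
             pos != std::string::npos;
             pos = output.find (token, pos))
        {
            auto first = output.find ('\"', pos + tokenLength);

            if (first == std::string::npos)
                break;

            // Walk to the closing quote, skipping backslash-escaped
            // characters so an escaped quote inside the value does not
            // end the masked region early.
            auto last = ++first;
            while (last < output.size() && output[last] != '\"')
                last += (output[last] == '\\') ? 2 : 1;

            // A trailing backslash or a truncated value runs to the end.
            if (last > output.size())
                last = output.size();

            output.replace (first, last - first, last - first, '*');

            // Resume the search after the masked value.
            pos = last;
        }
    };

    // … unchanged: the seven scrubber (...) calls …
```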