What do you think about the idea of heuristically detecting passwords in log lines and sanitising them? OTOH, I worry about it making people more complacent about putting passwords in not-safe places. On the other, there are some circumstances where it's hard to avoid.
