diff --git a/src/Commands/CreateUserWithRLSPolicies.php b/src/Commands/CreateUserWithRLSPolicies.php
index fd0338b6..aa171d58 100644
--- a/src/Commands/CreateUserWithRLSPolicies.php
+++ b/src/Commands/CreateUserWithRLSPolicies.php
@@ -66,6 +66,7 @@ class CreateUserWithRLSPolicies extends Command
     protected function makeDatabaseConfig(
         PermissionControlledPostgreSQLSchemaManager $manager,
         string $username,
+        #[\SensitiveParameter]
         string $password,
     ): DatabaseConfig {
         /** @var TenantWithDatabase $tenantModel */
diff --git a/src/Features/UserImpersonation.php b/src/Features/UserImpersonation.php
index e2a0e69f..fd608cc4 100644
--- a/src/Features/UserImpersonation.php
+++ b/src/Features/UserImpersonation.php
@@ -30,7 +30,7 @@ class UserImpersonation implements Feature
     }
 
     /** Impersonate a user and get an HTTP redirect response. */
-    public static function makeResponse(string|ImpersonationToken $token, ?int $ttl = null): RedirectResponse
+    public static function makeResponse(#[\SensitiveParameter] string|ImpersonationToken $token, ?int $ttl = null): RedirectResponse
     {
         /** @var ImpersonationToken $token */
         $token = $token instanceof ImpersonationToken ? $token : ImpersonationToken::findOrFail($token);