diff --git a/inc/html.php b/inc/html.php
index ba4e54d8c3da22d970b6a3bd77b50aa0c73563d3..59a3de344dfa9449324de8ac21646b71d16760da 100644
--- a/inc/html.php
+++ b/inc/html.php
@@ -1138,13 +1138,11 @@ function html_debug(){
 
   //remove sensitive data
   $cnf = $conf;
-  $cnf['auth']='***';
-  $cnf['notify']='***';
-  $cnf['ftp']='***';
+  debug_guard($cnf);
   $nfo = $INFO;
-  $nfo['userinfo'] = '***';
+  debug_guard($nfo);
   $ses = $_SESSION;
-  $ses[$conf['title']]['auth'] = '***';
+  debug_guard($ses);
 
   print '<html><body>';
 
diff --git a/inc/infoutils.php b/inc/infoutils.php
index 1fc55702e9bc6721efcdf2eb137b540cf8d3368f..18de75c2832d34527f74be2503f6c1fa16b7f897 100644
--- a/inc/infoutils.php
+++ b/inc/infoutils.php
@@ -316,3 +316,20 @@ function dbg_backtrace(){
   return implode("\n", $calls);
 }
 
+/**
+ * Remove all data from an array where the key seems to point to sensitive data
+ *
+ * This is used to remove passwords, mail addresses and similar data from the
+ * debug output
+ *
+ * @author Andreas Gohr <andi@splitbrain.org>
+ */
+function debug_guard(&$data){
+    foreach($data as $key => $value){
+        if(preg_match('/(notify|pass|auth|secret|ftp|userinfo|token|buid|mail|proxy)/i',$key)){
+            $data[$key] = '***';
+            continue;
+        }
+        if(is_array($value)) debug_guard($data[$key]);
+    }
+}