diff --git a/backend/src/middleware/passwordMiddleware.js b/backend/src/middleware/passwordMiddleware.js
index 0aff222c8..0523d08dd 100644
--- a/backend/src/middleware/passwordMiddleware.js
+++ b/backend/src/middleware/passwordMiddleware.js
@@ -11,10 +11,15 @@ export default {
     }
   },
   Query: async (resolve, root, args, context, info) => {
-    const result = await resolve(root, args, context, info)
-    return walkRecursive(result, ['password'], () => {
+    let result = await resolve(root, args, context, info)
+    result = walkRecursive(result, ['password'], () => {
       // replace password with asterisk
       return '*****'
     })
+    result = walkRecursive(result, ['privateKey'], () => {
+      // replace password with asterisk
+      return '*****'
+    })
+    return result
   }
 }
diff --git a/backend/src/middleware/permissionsMiddleware.js b/backend/src/middleware/permissionsMiddleware.js
index 736ce20a9..f51051b19 100644
--- a/backend/src/middleware/permissionsMiddleware.js
+++ b/backend/src/middleware/permissionsMiddleware.js
@@ -73,7 +73,8 @@ const permissions = shield({
   },
   User: {
     email: isMyOwn,
-    password: isMyOwn
+    password: isMyOwn,
+    privateKey: isMyOwn
   }
 })