diff --git a/irrd/server/graphql/resolvers.py b/irrd/server/graphql/resolvers.py
index 9fe6bb4d6..684b907f0 100644
--- a/irrd/server/graphql/resolvers.py
+++ b/irrd/server/graphql/resolvers.py
@@ -187,6 +187,8 @@ def resolve_rpsl_object_journal(rpsl_object, info: GraphQLResolveInfo):
         response['operation'] = response['operation'].name
         if response['origin']:
             response['origin'] = response['origin'].name
+        if response['objectText']:
+            response['objectText'] = remove_auth_hashes(response['objectText'])
         yield response
 
 
@@ -221,7 +223,7 @@ def _rpsl_db_query_to_graphql_out(query: RPSLDatabaseQuery, info: GraphQLResolve
         object_type = resolve_rpsl_object_type(row)
         for key, value in row.get('parsed_data', dict()).items():
             if key == 'auth':
-                value = remove_auth_hashes(value)
+                value = [remove_auth_hashes(v) for v in value]
             graphql_type = schema.graphql_types[object_type][key]
             if graphql_type == 'String' and isinstance(value, list):
                 value = '\n'.join(value)
diff --git a/irrd/utils/text.py b/irrd/utils/text.py
index e82344760..37af5e41d 100644
--- a/irrd/utils/text.py
+++ b/irrd/utils/text.py
@@ -12,7 +12,8 @@ def remove_auth_hashes(input: Optional[str]):
     if not input:
         return input
     # If there are no hashes, skip the RE for performance.
-    if not any([pw_hash in input for pw_hash in PASSWORD_HASHERS.keys()]):
+    input_lower = input.lower()
+    if not any([pw_hash.lower() in input_lower for pw_hash in PASSWORD_HASHERS.keys()]):
         return input
     return re_remove_passwords.sub(r'\1 %s  # Filtered for security' % PASSWORD_HASH_DUMMY_VALUE, input)