diff --git a/lib/Net/LDAP3.php b/lib/Net/LDAP3.php
index 2662e915f3643db7aa224c1bf8587b619537c2d1..ef47daaaebb2c55fcb4724580c69e69c5547b8ee 100644
--- a/lib/Net/LDAP3.php
+++ b/lib/Net/LDAP3.php
@@ -2402,7 +2402,7 @@ class Net_LDAP3
             }
             else {
                 $this->_debug("S: " . ldap_error($this->conn));
-                $this->_warning("LDAP: Failed to replace attributes on $subject_dn: " . json_encode($attributes['replace']));
+                $this->_warning("LDAP: Failed to replace attributes on $subject_dn: " . $this->_encode_attrs($attributes['replace']));
                 return false;
             }
         }
@@ -2417,7 +2417,7 @@ class Net_LDAP3
             }
             else {
                 $this->_debug("S: " . ldap_error($this->conn));
-                $this->_warning("LDAP: Failed to delete attributes on $subject_dn: " . json_encode($attributes['del']));
+                $this->_warning("LDAP: Failed to delete attributes on $subject_dn: " . $this->_encode_attrs($attributes['del']));
                 return false;
             }
         }
@@ -2432,7 +2432,7 @@ class Net_LDAP3
             }
             else {
                 $this->_debug("S: " . ldap_error($this->conn));
-                $this->_warning("LDAP: Failed to add attributes on $subject_dn: " . json_encode($attributes['add']));
+                $this->_warning("LDAP: Failed to add attributes on $subject_dn: " . $this->_encode_attrs($attributes['add']));
                 return false;
             }
         }
@@ -2615,6 +2615,19 @@ class Net_LDAP3
         }
     }
 
+    /**
+     * Convert attributes array into a string for logging
+     * Remove plain text passwords
+     */
+    private function _encode_attrs($attributes)
+    {
+        if (isset($attributes['userpassword'])) {
+            $attributes['userpassword'] = '*';
+        }
+
+        return json_encode($attributes);
+    }
+
     /**
      * Quotes attribute value string
      *