I am currently working with WordPress which uses "pwd" as the password key.

Not the end of the world - extend and override works fine.

But it would be nice if we could configure keys or patterns for keys that should be considered sensitive data and removed.