diff --git a/core/attributedef.class.inc.php b/core/attributedef.class.inc.php
index b1fa1c480..f025cf312 100644
--- a/core/attributedef.class.inc.php
+++ b/core/attributedef.class.inc.php
@@ -112,6 +112,11 @@ interface iAttributeNoGroupBy
 	//no method, just a contract on implement
 }
 
+interface iAttributeSensitive
+{
+    //no method, just a contract on implement
+}
+
 /**
  * Attribute definition API, implemented in and many flavours (Int, String, Enum, etc.)
  *
@@ -138,13 +143,6 @@ abstract class AttributeDefinition
 
 	protected $aCSSClasses;
 
-    private $bIsSensitive = false;
-
-    public function IsSensitive()
-    {
-        return $this->bIsSensitive;
-    }
-
     public function GetType()
 	{
 		return Dict::S('Core:'.get_class($this));
@@ -3780,13 +3778,8 @@ class AttributeFinalClass extends AttributeString
  *
  * @package     iTopORM
  */
-class AttributePassword extends AttributeString implements iAttributeNoGroupBy
+class AttributePassword extends AttributeString implements iAttributeNoGroupBy, iAttributeSensitive
 {
-    private $bIsSensitive = true;
-    public function IsSensitive()
-    {
-        return $this->bIsSensitive;
-    }
     const SEARCH_WIDGET_TYPE = self::SEARCH_WIDGET_TYPE_RAW;
 
 	/**
@@ -3861,13 +3854,8 @@ class AttributePassword extends AttributeString implements iAttributeNoGroupBy
  *
  * @package     iTopORM
  */
-class AttributeEncryptedString extends AttributeString implements iAttributeNoGroupBy
+class AttributeEncryptedString extends AttributeString implements iAttributeNoGroupBy, iAttributeSensitive
 {
-    private $bIsSensitive = true;
-    public function IsSensitive()
-    {
-        return $this->bIsSensitive;
-    }
     const SEARCH_WIDGET_TYPE = self::SEARCH_WIDGET_TYPE_RAW;
 
 	static $sKey = null; // Encryption key used for all encrypted fields
@@ -9258,13 +9246,8 @@ class AttributeSubItem extends AttributeDefinition
 /**
  * One way encrypted (hashed) password
  */
-class AttributeOneWayPassword extends AttributeDefinition implements iAttributeNoGroupBy
+class AttributeOneWayPassword extends AttributeDefinition implements iAttributeNoGroupBy, iAttributeSensitive
 {
-    private $bIsSensitive = true;
-    public function IsSensitive()
-    {
-        return $this->bIsSensitive;
-    }
     const SEARCH_WIDGET_TYPE = self::SEARCH_WIDGET_TYPE_RAW;
 
 	/**
diff --git a/core/restservices.class.inc.php b/core/restservices.class.inc.php
index e6ff71b7d..a8201e8b3 100644
--- a/core/restservices.class.inc.php
+++ b/core/restservices.class.inc.php
@@ -123,7 +123,7 @@ class ObjectResult
 		$this->fields[$sAttCode] = $this->MakeResultValue($oObject, $sAttCode, $bExtendedOutput);
 	}
 	
-/*	public function SanitizeContent()
+public function SanitizeContent()
 	{
 		foreach($this->fields as $sAttCode => $value)
 		{
@@ -132,12 +132,15 @@ class ObjectResult
             } catch (Exception $e) { // for special cases like ID
                 continue;
             }
-			if ($oAttDef->IsSensitive())
+			if ($oAttDef instanceof iAttributeSensitive)
+            {
+                $this->fields[$sAttCode] = '******';
+            }
 			{
 				$this->fields[$sAttCode] = '******';
 			}
 		}
-	}*/
+	}
 }
 
 
@@ -709,7 +712,7 @@ class CoreServices implements iRestServiceProvider, iRestInputSanitizer
             foreach ($aJsonData['fields'] as $sAttCode => $value) {
                     $oAttDef = MetaModel::GetAttributeDef($sClass, $sAttCode);
                     var_dump($oAttDef);
-                if ($oAttDef->IsSensitive()) {
+                if ($oAttDef instanceof iAttributeSensitive) {
                         $aJsonData['fields'][$sAttCode] = '*****';
                     }
                 }