diff --git a/website/thaliapp/views.py b/website/thaliapp/views.py
index 7a693e6c362988120360963c80dda815c6e0159b..8fd22d0b858bf32584741a3c8c6852047658bb98 100644
--- a/website/thaliapp/views.py
+++ b/website/thaliapp/views.py
@@ -6,6 +6,8 @@ from django.views.decorators.http import require_POST
from django.contrib.auth import authenticate
from django.contrib.staticfiles.finders import find as find_static_file
from django.core.cache import cache
+from django.views.decorators.debug import (sensitive_variables,
+sensitive_post_parameters)
from thaliapp.models import Token
from hashlib import sha256
import base64
@@ -27,6 +29,8 @@ def get_photo(user):
return photo


+@sensitive_post_parameters()
+@sensitive_variables('user', 'password', 'token')
@csrf_exempt
@require_POST
def login(request):
@@ -50,9 +54,11 @@ def login(request):
})
return JsonResponse({'status': 'error',
'msg': 'Authentication Failed'},
-status_code=403)
+status=403)


+@sensitive_post_parameters()
+@sensitive_variables('username', 'token')
@csrf_exempt
@require_POST
def app(request):
@@ -67,7 +73,7 @@ def app(request):
if user is None:
return JsonResponse({'status': 'error',
'msg': 'Authentication Failed'},
-status_code=403)
+status=403)
today = datetime.date.today()
eightteen_years_ago = today.replace(year=today.year - 18)
over18 = str(user.member.birthday <= eightteen_years_ago)
@@ -89,6 +95,8 @@ def app(request):
})


+@sensitive_post_parameters()
+@sensitive_variables('username', 'token')
@csrf_exempt
@require_POST
def scan(request):
@@ -102,6 +110,6 @@ def scan(request):
if user is None:
return JsonResponse({'status': 'error',
'msg': 'Authentication Failed'},
-status_code=403)
+status=403)
cache.set(''.join([qrtoken]), user, 300)
return JsonResponse({'status': 'ok'})
diff --git a/website/thaliawebsite/views.py b/website/thaliawebsite/views.py
index 1332bf1fca17bd100178d176b258b86590c9776a..72c0076e5edaa4c2a7c794a9d7e7d9dd239ecb38 100644
--- a/website/thaliawebsite/views.py 
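Review bot: `@sensitive_variables('user', 'password', 'token')` only redacts locals of `login` whose names match exactly, and the body of `login` lies outside this hunk, so please confirm these are the names actually bound there (a local such as `username`, or a password held under another name, would still appear in error reports). The same applies to the `('username', 'token')` lists added for `app` and `scan` further down; if either view also reads a password or another secret under a different name it is not covered. Both decorators affect only Django's technical 500 page and error-report e-mails, not anything the views themselves log. The argument-less `@sensitive_variables()`, as used for `wiki_login` in thaliawebsite/views.py, redacts every local and is the safer choice when the variable set is not pinned down.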
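Review bot: `today.replace(year=today.year - 18)` raises ValueError when today is 29 February and the target year is not a leap year, so `app` would answer with a 500 on that date; the computation should fall back to 28 February. A guarded form is below (the misspelling in `eightteen_years_ago` could be fixed in the same pass if its other uses, which are outside the hunk, are updated too). `over18` is also built with `str()`, which puts the text `'True'`/`'False'` into whatever response uses it rather than a JSON boolean — worth confirming that is what the client expects. The body of `app` continues outside the hunk.
```python
    today = datetime.date.today()
    try:
        eightteen_years_ago = today.replace(year=today.year - 18)
    except ValueError:  # 29 February with a non-leap target year
        eightteen_years_ago = today.replace(year=today.year - 18, day=28)
    # … unchanged: over18 and the rest of app …
```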
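Review bot: `cache.set(''.join([qrtoken]), user, 300)` uses the token verbatim as the cache key (`''.join([qrtoken])` is just `qrtoken`), so if `qrtoken` comes from the request — where it is read is outside the hunk — the caller chooses the key, and an unconstrained key can alias other entries in the shared cache or break backend key rules (memcached rejects whitespace and control characters and keys over 250 bytes). Namespacing the key after checking the token's expected format and length, e.g. `cache.set('qrtoken:' + qrtoken, user, 300)`, keeps these entries in their own keyspace; the code that reads the entry (not in the hunk) must use the same prefix. Caching the whole `user` object for 300 s also means a deactivated or changed account is still served from the cache for that window; storing `user.pk` and re-fetching on read is cheaper to serialise and stays current.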
+++ b/website/thaliawebsite/views.py
@@ -8,6 +8,8 @@ from django.shortcuts import render
from django.utils import timezone
from django.views.decorators.csrf import csrf_exempt
from django.views.decorators.http import require_POST
+from django.views.decorators.debug import (sensitive_variables,
+sensitive_post_parameters)


from members.models import Member
@@ -17,6 +19,8 @@ def styleguide(request):
return render(request, 'singlepages/styleguide.html')


+@sensitive_variables()
+@sensitive_post_parameters()
@require_POST
@csrf_exempt
def wiki_login(request):
@@ -50,7 +54,7 @@ def wiki_login(request):
'committees': memberships})
return JsonResponse({'status': 'error',
'msg': 'Authentication Failed'},
-status_code=403)
+status=403)


@staff_member_required
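Review bot: `@sensitive_variables()` is placed outermost here, while the same change in thaliapp/views.py puts `@sensitive_post_parameters()` first; Django's documentation recommends keeping `@sensitive_variables` at the top of the decorator chain so that arguments passing through the other wrappers are covered as well, so this ordering is the one to carry over to the other file. The argument-less form redacts every local of `wiki_login` in error reports, which is the safer default; a short comment such as `# No arguments: redact every local in error reports, not only credentials` would make the choice explicit for the next reader. The body of `wiki_login` is outside the hunk.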