diff --git a/packages/cli/src/databases/entities/User.ts b/packages/cli/src/databases/entities/User.ts
index a9da54fe0dea5..238affb7c1df3 100644
--- a/packages/cli/src/databases/entities/User.ts
+++ b/packages/cli/src/databases/entities/User.ts
@@ -141,4 +141,9 @@ export class User extends WithTimestamps implements IUser {
 scopeOptions,
 );
 }
+
+ toJSON() {
+ const { password, apiKey, mfaSecret, mfaRecoveryCodes, ...rest } = this;
+ return rest;
+ }
 }
diff --git a/packages/cli/test/unit/databases/entities/user.entity.test.ts b/packages/cli/test/unit/databases/entities/user.entity.test.ts
new file mode 100644
index 0000000000000..005e45df2c957
--- /dev/null
+++ b/packages/cli/test/unit/databases/entities/user.entity.test.ts
@@ -0,0 +1,20 @@
+import { User } from '@db/entities/User';
+
+describe('User Entity', () => {
+ describe('JSON.stringify', () => {
+ it('should not serialize sensitive data', () => {
+ const user = Object.assign(new User(), {
+ email: 'test@example.com',
+ firstName: 'Don',
+ lastName: 'Joe',
+ password: '123456789',
+ apiKey: '123',
+ mfaSecret: '123',
+ mfaRecoveryCodes: ['123'],
+ });
+ expect(JSON.stringify(user)).toEqual(
+ '{"email":"test@example.com","firstName":"Don","lastName":"Joe"}',
+ );
+ });
+ });
+});
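Review bot: The destructuring in `toJSON()` is a denylist of four fields, so any secret-bearing column added to `User` later will be serialized by default until someone extends this line. `toJSON()` is also only consulted by `JSON.stringify`; code that copies the entity with `{ ...user }` or `Object.assign`, or prints it through an inspector, still sees `password`, `apiKey`, `mfaSecret` and `mfaRecoveryCodes`, so response builders that work that way need their own check. I would add a comment above the method, e.g. `// Strips secrets from JSON.stringify output only; extend this list whenever a sensitive column is added to User.` Whether any existing consumer relied on `apiKey` being present in a serialized user cannot be told from this hunk, and the class body starts outside it.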
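Review bot: The `toEqual` assertion pins the whole serialized string, so it depends on key order and will fail for unrelated reasons if `User` ever gains a property with a default value, while saying nothing explicit about which keys must never appear. Asserting on the parsed object states the security property directly: `const parsed = JSON.parse(JSON.stringify(user));` followed by `for (const key of ['password', 'apiKey', 'mfaSecret', 'mfaRecoveryCodes']) expect(parsed).not.toHaveProperty(key);`. A second case that stringifies the user nested in another object (`JSON.stringify({ user })`) would document that the redaction also holds when the entity is embedded in a larger response.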