diff --git a/reposerver/server.go b/reposerver/server.go
index 25a1460f67..627c45a16e 100644
--- a/reposerver/server.go
+++ b/reposerver/server.go
@@ -9,7 +9,6 @@ import (
 "github.com/grpc-ecosystem/go-grpc-middleware"
 "github.com/grpc-ecosystem/go-grpc-middleware/logging/logrus"
 log "github.com/sirupsen/logrus"
- "golang.org/x/net/context"
 "google.golang.org/grpc"
 "google.golang.org/grpc/reflection"
 )
@@ -35,16 +34,10 @@ func (a *ArgoCDRepoServer) CreateGRPC() *grpc.Server {
 server := grpc.NewServer(
 grpc.StreamInterceptor(grpc_middleware.ChainStreamServer(
 grpc_logrus.StreamServerInterceptor(a.log),
- grpc_util.PayloadStreamServerInterceptor(a.log, false, func(ctx context.Context, fullMethodName string, servingObject interface{}) bool {
- return true
- }),
 grpc_util.PanicLoggerStreamServerInterceptor(a.log),
 )),
 grpc.UnaryInterceptor(grpc_middleware.ChainUnaryServer(
 grpc_logrus.UnaryServerInterceptor(a.log),
- grpc_util.PayloadUnaryServerInterceptor(a.log, false, func(ctx context.Context, fullMethodName string, servingObject interface{}) bool {
- return true
- }),
 grpc_util.PanicLoggerUnaryServerInterceptor(a.log),
 )),
 )
diff --git a/server/server.go b/server/server.go
index 7188798240..7182a71aa5 100644
--- a/server/server.go
+++ b/server/server.go
@@ -300,14 +300,17 @@ func (a *ArgoCDServer) useTLS() bool {
 func (a *ArgoCDServer) newGRPCServer() *grpc.Server {
 var sOpts []grpc.ServerOption
- loginMethodName := "/session.SessionService/Create"
+ sensitiveMethods := map[string]bool{
+ "/session.SessionService/Create": true,
+ "/account.AccountService/UpdatePassword": true,
+ }
 // NOTE: notice we do not configure the gRPC server here with TLS (e.g. grpc.Creds(creds))
 // This is because TLS handshaking occurs in cmux handling
 sOpts = append(sOpts, grpc.StreamInterceptor(grpc_middleware.ChainStreamServer(
 grpc_logrus.StreamServerInterceptor(a.log),
 grpc_auth.StreamServerInterceptor(a.authenticate),
 grpc_util.PayloadStreamServerInterceptor(a.log, true, func(ctx netCtx.Context, fullMethodName string, servingObject interface{}) bool {
- return fullMethodName != loginMethodName
+ return !sensitiveMethods[fullMethodName]
 }),
 grpc_util.ErrorCodeStreamServerInterceptor(),
 grpc_util.PanicLoggerStreamServerInterceptor(a.log),
@@ -317,7 +320,7 @@ func (a *ArgoCDServer) newGRPCServer() *grpc.Server {
 grpc_logrus.UnaryServerInterceptor(a.log),
 grpc_auth.UnaryServerInterceptor(a.authenticate),
 grpc_util.PayloadUnaryServerInterceptor(a.log, true, func(ctx netCtx.Context, fullMethodName string, servingObject interface{}) bool {
- return fullMethodName != loginMethodName
+ return !sensitiveMethods[fullMethodName]
 }),
 grpc_util.ErrorCodeUnaryServerInterceptor(),
 grpc_util.PanicLoggerUnaryServerInterceptor(a.log),
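Review bot: `sensitiveMethods` is a fail-open denylist keyed by string literals: any method whose name is not in the map still has its payload passed to the logger, so a renamed service, a typo in a key, or a new RPC that carries credentials is logged until someone remembers to extend this map. The map has no comment saying so; I would add `// sensitiveMethods lists RPCs whose payloads carry credentials and must never be payload-logged; add every new secret-bearing method here.` above it. The decider closure is also written twice, here and in the unary chain of the `@@ -317,7 +320,7 @@` hunk; defining it once as `logPayload := func(ctx netCtx.Context, fullMethodName string, servingObject interface{}) bool { return !sensitiveMethods[fullMethodName] }` and passing it to both interceptors keeps the two chains from drifting apart. Logs written before this change presumably still hold `UpdatePassword` payloads, which the commit cannot fix, so a release note telling operators to review retained logs would help. The body of newGRPCServer continues outside both hunks.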