diff --git a/Cargo.lock b/Cargo.lock
index 111052c6..a637e562 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -442,6 +442,7 @@ dependencies = [
  "sqlx",
  "time",
  "tracing",
+ "url",
  "uuid",
 ]
 
diff --git a/crates/atuin-server-postgres/Cargo.toml b/crates/atuin-server-postgres/Cargo.toml
index 647d934a..2345b39d 100644
--- a/crates/atuin-server-postgres/Cargo.toml
+++ b/crates/atuin-server-postgres/Cargo.toml
@@ -21,3 +21,4 @@ sqlx = { workspace = true }
 async-trait = { workspace = true }
 uuid = { workspace = true }
 futures-util = "0.3"
+url = "2.5.0"
diff --git a/crates/atuin-server-postgres/src/lib.rs b/crates/atuin-server-postgres/src/lib.rs
index 6dc56fe4..8a010195 100644
--- a/crates/atuin-server-postgres/src/lib.rs
+++ b/crates/atuin-server-postgres/src/lib.rs
@@ -1,3 +1,4 @@
+use std::fmt::Debug;
 use std::ops::Range;
 
 use async_trait::async_trait;
@@ -23,11 +24,26 @@ pub struct Postgres {
     pool: sqlx::Pool<sqlx::postgres::Postgres>,
 }
 
-#[derive(Clone, Debug, Deserialize, Serialize)]
+#[derive(Clone, Deserialize, Serialize)]
 pub struct PostgresSettings {
     pub db_uri: String,
 }
 
+// Do our best to redact passwords so they're not logged in the event of an error.
+impl Debug for PostgresSettings {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        let redacted_uri = url::Url::parse(&self.db_uri)
+            .map(|mut url| {
+                let _ = url.set_password(Some("****"));
+                url.to_string()
+            })
+            .unwrap_or(self.db_uri.clone());
+        f.debug_struct("PostgresSettings")
+            .field("db_uri", &redacted_uri)
+            .finish()
+    }
+}
+
 fn fix_error(error: sqlx::Error) -> DbError {
     match error {
         sqlx::Error::RowNotFound => DbError::NotFound,