diff --git a/application/Espo/Core/Formula/Functions/EnvGroup/UserAttributeType.php b/application/Espo/Core/Formula/Functions/EnvGroup/UserAttributeType.php
index 14906aacf6..da5f4fbb28 100644
--- a/application/Espo/Core/Formula/Functions/EnvGroup/UserAttributeType.php
+++ b/application/Espo/Core/Formula/Functions/EnvGroup/UserAttributeType.php
@@ -29,10 +29,8 @@
 namespace Espo\Core\Formula\Functions\EnvGroup;
-use Espo\Core\Formula\{
- Functions\BaseFunction,
- ArgumentList,
-};
+use Espo\Core\Formula\ArgumentList;
+use Espo\Core\Formula\Functions\BaseFunction;
 use Espo\Core\Di;
@@ -41,6 +39,13 @@ class UserAttributeType extends BaseFunction implements
 {
 use Di\UserSetter;
+ /** @var string[] */
+ private array $forbiddenAttributeList = [
+ 'password',
+ 'apiKey',
+ 'secretKey',
+ ];
+
 public function process(ArgumentList $args)
 {
 if (count($args) < 1) {
@@ -53,6 +58,10 @@ class UserAttributeType extends BaseFunction implements
 $this->throwBadArgumentType(1, 'string');
 }
+ if (in_array($attribute, $this->forbiddenAttributeList)) {
+ return null;
+ }
+
 return $this->user->get($attribute);
 }
 }
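Review bot: The `$forbiddenAttributeList` property added in the second hunk is a fixed denylist of three names, so any other secret-bearing attribute on the User entity, now or added later, stays readable through this function unless someone remembers to extend the list. If the project already marks sensitive fields in entity metadata or its ACL layer (not visible in this diff), deriving the set from there, or switching to an allowlist of attributes formulas may read, would fail closed instead. At minimum the docblock should say what the list protects, e.g. `/** Attributes that must never be returned to formula scripts; extend when a credential field is added to User. @var string[] */`. Since the value never changes it could also be a `private const`.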
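Review bot: The new guard in the third hunk calls `in_array($attribute, $this->forbiddenAttributeList)` without the strict flag, so the comparison is loose; `$attribute` appears to be validated as a string just above, but `in_array($attribute, $this->forbiddenAttributeList, true)` removes any dependence on type juggling. The match is also exact and case-sensitive, and whether `$this->user->get()` normalises attribute names is not visible here, so a regression test should confirm that only the canonical spelling resolves to a value. Returning `null` silently makes a blocked read indistinguishable from an empty attribute; a log entry on the blocked path would help operators notice formula scripts asking for credential fields. process() begins above this hunk.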