diff --git a/keyserver/src/utils/validation-utils.js b/keyserver/src/utils/validation-utils.js
--- a/keyserver/src/utils/validation-utils.js
+++ b/keyserver/src/utils/validation-utils.js
@@ -142,6 +142,7 @@
     input,
     redactedTypes,
     () => redactedString,
+    { dontValidateInput: true },
   );
 }
 
diff --git a/keyserver/src/utils/validation-utils.test.js b/keyserver/src/utils/validation-utils.test.js
--- a/keyserver/src/utils/validation-utils.test.js
+++ b/keyserver/src/utils/validation-utils.test.js
@@ -87,4 +87,14 @@
     const redacted = { passwords: [{ password: redactedString }] };
     expect(sanitizeInput(validator, object)).toStrictEqual(redacted);
   });
+
+  it('should redact a string inside an object even if it fails validation', () => {
+    const validator = tShape<{ +password: string, +blah: string }>({
+      password: tPassword,
+      blah: t.String,
+    });
+    const object = { password: 'password' };
+    const redacted = { password: redactedString };
+    expect(sanitizeInput(validator, object)).toStrictEqual(redacted);
+  });
 });
diff --git a/lib/utils/conversion-utils.js b/lib/utils/conversion-utils.js
--- a/lib/utils/conversion-utils.js
+++ b/lib/utils/conversion-utils.js
@@ -74,25 +74,34 @@
   return [...result];
 }
 
+type ConvertObjectOptions = {
+  +dontValidateInput?: ?boolean,
+};
 function convertObject<T, I>(
   validator: TType<I>,
   input: I,
   typesToConvert: $ReadOnlyArray<TType<T>>,
   conversionFunction: T => T,
+  options?: ?ConvertObjectOptions,
 ): I {
   if (input === null || input === undefined) {
     return input;
   }
+  const dontValidateInput = options?.dontValidateInput;
 
   // While they should be the same runtime object,
-  // `TValidator` is `TType<T>` and `validator` is `TType<I>`.
+  // `tValidator` is `TType<T>` and `validator` is `TType<I>`.
   // Having them have different types allows us to use `assertWithValidator`
   // to change `input` flow type
-  const TValidator = typesToConvert[typesToConvert.indexOf(validator)];
-  if (TValidator && TValidator.is(input)) {
-    const TInput = assertWithValidator(input, TValidator);
-    const converted = conversionFunction(TInput);
-    return assertWithValidator(converted, validator);
+  const tValidator = typesToConvert[typesToConvert.indexOf(validator)];
+  if (tValidator && tValidator.is(input)) {
+    const tInput = assertWithValidator(input, tValidator);
+    const converted = conversionFunction(tInput);
+    if (dontValidateInput) {
+      return (converted: any);
+    } else {
+      return assertWithValidator(converted, validator);
+    }
   }
 
   if (validator.meta.kind === 'maybe' || validator.meta.kind === 'subtype') {
@@ -115,7 +124,11 @@
         conversionFunction,
       );
     }
-    return assertWithValidator(result, recastValidator);
+    if (dontValidateInput) {
+      return (result: any);
+    } else {
+      return assertWithValidator(result, recastValidator);
+    }
   }
   if (validator.meta.kind === 'union') {
     for (const innerValidator of validator.meta.types) {