diff --git a/Cargo.lock b/Cargo.lock
index 8d41c0a..ac4a4bb 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -38,6 +38,7 @@ dependencies = [
 "cfg-if",
 "cipher 0.4.4",
 "cpufeatures",
+ "zeroize",
 ]

 [[package]]
@@ -79,6 +80,7 @@ dependencies = [
 "base64ct",
 "blake2",
 "password-hash",
+ "zeroize",
 ]

 [[package]]
@@ -449,6 +451,7 @@ checksum = "773f3b9af64447d2ce9850330c473515014aa235e6a783b02db81ff39e4a3dad"
 dependencies = [
 "crypto-common",
 "inout",
+ "zeroize",
 ]

 [[package]]
diff --git a/Cargo.toml b/Cargo.toml
index 6bf7208..3d39168 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -51,7 +51,7 @@ lazy_static = "1.4.0"
 uuid = { version = "0.8", features = ["v4"] }
 steamguard = { version = "^0.10.0", path = "./steamguard" }
 dirs = "3.0.2"
-aes = "0.8.3"
+aes = { version = "0.8.3", features = ["zeroize"] }
 thiserror = "1.0.26"
 crossterm = { version = "0.23.2", features = ["event-stream"] }
 qrcode = { version = "0.12.0", optional = true }
@@ -61,10 +61,10 @@ zeroize = { version = "^1.6.0", features = ["std", "zeroize_derive"] }
 serde_path_to_error = "0.1.11"
 update-informer = { version = "1.0.0", optional = true, default-features = false, features = ["github"] }
 phonenumber = "0.3"
-cbc = { version = "0.1.2", features = ["std"] }
+cbc = { version = "0.1.2", features = ["std", "zeroize"] }
 inout = { version = "0.1.3", features = ["std"] }
 keyring = { version = "2.0.4", optional = true }
-argon2 = { version = "0.5.0", features = ["std"] }
+argon2 = { version = "0.5.0", features = ["std", "zeroize"] }
 pbkdf2 = { version = "0.12.1", features = ["parallel"] }
 sha1 = "0.10.5"
 rayon = "1.7.0"
diff --git a/steamguard/build.rs b/steamguard/build.rs
index f4b36ce..62cc5c3 100644
--- a/steamguard/build.rs
+++ b/steamguard/build.rs
@@ -1,6 +1,8 @@
 use std::path::Path;
 use std::path::PathBuf;

+use protobuf::descriptor::field_descriptor_proto::Type;
+use protobuf::reflect::FieldDescriptor;
 use protobuf::reflect::MessageDescriptor;
 use protobuf_codegen::Codegen;
 use protobuf_codegen::Customize;
@@ -44,32 +46,29 @@ struct GenSerde;

 impl CustomizeCallback for GenSerde {
 fn message(&self, _message: &MessageDescriptor) -> Customize {
- // Customize::default().before("#[derive(::serde::Serialize, ::serde::Deserialize)]")
- Customize::default()
+ Customize::default().before("#[derive(::zeroize::Zeroize, ::zeroize::ZeroizeOnDrop)]")
+ // Customize::default()
 }

 fn enumeration(&self, _enum_type: &protobuf::reflect::EnumDescriptor) -> Customize {
- Customize::default().before("#[derive(::serde::Serialize, ::serde::Deserialize)]")
+ Customize::default()
+ .before("#[derive(::serde::Serialize, ::serde::Deserialize, ::zeroize::Zeroize)]")
 }

- // fn field(&self, field: &FieldDescriptor) -> Customize {
- // // if field.name() == "public_ip" {
- // // eprintln!("type_name: {:?}", field.proto().type_name());
- // // eprintln!("type_: {:?}", field.proto().type_());
- // // eprintln!("{:?}", field.proto());
- // // }
- // if field.proto().type_() == Type::TYPE_ENUM {
- // // `EnumOrUnknown` is not a part of rust-protobuf, so external serializer is needed.
- // Customize::default().before(
- // "#[serde(serialize_with = \"crate::protobufs::serialize_enum_or_unknown\", deserialize_with = \"crate::protobufs::deserialize_enum_or_unknown\")]")
- // // } else if field.name() == "public_ip" {
- // // Customize::default().before("#[serde(with = \"crate::protobufs::MessageFieldDef\")]")
- // } else {
- // Customize::default()
- // }
- // }
+ fn field(&self, field: &FieldDescriptor) -> Customize {
+ // if field.name() == "public_ip" {
+ // eprintln!("type_name: {:?}", field.proto().type_name());
+ // eprintln!("type_: {:?}", field.proto().type_());
+ // eprintln!("{:?}", field.proto());
+ // }
+ if field.proto().type_() == Type::TYPE_ENUM || field.proto().type_() == Type::TYPE_MESSAGE {
+ Customize::default().before("#[zeroize(skip)]")
+ } else {
+ Customize::default()
+ }
+ }

- // fn special_field(&self, _message: &MessageDescriptor, _field: &str) -> Customize {
- // Customize::default().before("#[serde(skip)]")
- // }
+ fn special_field(&self, _message: &MessageDescriptor, _field: &str) -> Customize {
+ Customize::default().before("#[zeroize(skip)]")
+ }
 }
diff --git a/steamguard/src/protobufs.rs b/steamguard/src/protobufs.rs
index a8baa3b..3f53079 100644
--- a/steamguard/src/protobufs.rs
+++ b/steamguard/src/protobufs.rs
@@ -1,5 +1,27 @@
+use zeroize::Zeroize;
+
+use self::steammessages_base::{cmsg_ipaddress::Ip, cmsg_proto_buf_header::Ip_addr};
+
 include!(concat!(env!("OUT_DIR"), "/protobufs/mod.rs"));

+impl Zeroize for Ip {
+ fn zeroize(&mut self) {
+ match self {
+ Ip::V4(ip) => ip.zeroize(),
+ Ip::V6(ip) => ip.zeroize(),
+ }
+ }
+}
+
+impl Zeroize for Ip_addr {
+ fn zeroize(&mut self) {
+ match self {
+ Ip_addr::Ip(ip) => ip.zeroize(),
+ Ip_addr::IpV6(ip) => ip.zeroize(),
+ }
+ }
+}
+
 #[cfg(test)]
 mod parse_tests {
 use protobuf::Message;
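Review bot: In steamguard/build.rs, `field()` puts `#[zeroize(skip)]` on every `TYPE_MESSAGE` field, so an explicit `zeroize()` call on a parent message leaves its nested messages untouched; they are wiped only when they are themselves dropped, through the `ZeroizeOnDrop` derive that `message()` now adds. `special_field()` skips the special fields the same way, and if those hold unknown fields captured while parsing (as rust-protobuf's special fields appear to), that data is never wiped. Neither limit is visible at the call sites, so I would record it on the callback, e.g. `// Nested messages and special fields are skipped: nested messages are wiped on their own drop, not by zeroize() on the parent.` The leftover `// Customize::default()` after the expression in `message()` and the commented-out `eprintln!` lines in `field()` should be removed as well.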
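Review bot: The hand-written `Zeroize` impls for `Ip` and `Ip_addr` in steamguard/src/protobufs.rs carry no comment saying why they live outside the generated code. They look like the oneof enums of the generated messages, which the derive added in build.rs presumably does not reach, so a oneof added to the .proto files later would need its own impl here before the containing message wipes cleanly. A doc comment on each impl would record that, for example `/// Manual impl: generated oneof enums get no Zeroize derive from build.rs; add one per new oneof.`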