If checked, the a MaskPasswordsConsoleLogFilter will be injected into EVERY Build, regardless of the Project's settings. This is generally bad practice, but if your foremost concern is having secrets hidden, it may be worth trying. Note that this should be tested with your jobs before being relied on; it's possible that custom Job types will not honor this. Pipeline jobs are not currently supported, vote for JENKINS-30777) if you really need this functionality.