Currently you cannot hide sensitive data in the catalog.

Adding a permission based "hide" functionality, where unless you have permission, the field is displayed as ***** could be helpful.