diff --git a/oslo_utils/strutils.py b/oslo_utils/strutils.py
index e27a63d7..0bb9fc56 100644
--- a/oslo_utils/strutils.py
+++ b/oslo_utils/strutils.py
@@ -79,6 +79,8 @@ _SANITIZE_PATTERNS_WILDCARD = {}
 # have two parameters. Use different lists of patterns here.
 _FORMAT_PATTERNS_1 = [r'(%(key)s[0-9]*\s*[=]\s*)[^\s^\'^\"]+']
 _FORMAT_PATTERNS_2 = [r'(%(key)s[0-9]*\s*[=]\s*[\"\'])[^\"\']*([\"\'])',
+                      r'(%(key)s[0-9]*\s*[=]\s*[\"])[^\"]*([\"])',
+                      r'(%(key)s[0-9]*\s*[=]\s*[\'])[^\']*([\'])',
                       r'(%(key)s[0-9]*\s+[\"\'])[^\"\']*([\"\'])',
                       r'([-]{2}%(key)s[0-9]*\s+)[^\'^\"^=^\s]+([\s]*)',
                       r'(<%(key)s[0-9]*>)[^<]*(</%(key)s[0-9]*>)',
diff --git a/oslo_utils/tests/test_strutils.py b/oslo_utils/tests/test_strutils.py
index ef679ffb..12a09909 100644
--- a/oslo_utils/tests/test_strutils.py
+++ b/oslo_utils/tests/test_strutils.py
@@ -289,6 +289,17 @@ StringToBytesTest.generate_scenarios()
 
 class MaskPasswordTestCase(test_base.BaseTestCase):
 
+    def test_namespace_objects(self):
+        payload = """
+        Namespace(passcode='', username='', password='my"password',
+        profile='', verify=None, token='')
+        """
+        expected = """
+        Namespace(passcode='', username='', password='***',
+        profile='', verify=None, token='***')
+        """
+        self.assertEqual(expected, strutils.mask_password(payload))
+
     def test_sanitize_keys(self):
 
         lowered = [k.lower() for k in strutils._SANITIZE_KEYS]
diff --git a/releasenotes/notes/mask-password-pattern-c8c880098743de3e.yaml b/releasenotes/notes/mask-password-pattern-c8c880098743de3e.yaml
new file mode 100644
index 00000000..15b3efbf
--- /dev/null
+++ b/releasenotes/notes/mask-password-pattern-c8c880098743de3e.yaml
@@ -0,0 +1,5 @@
+---
+security:
+  - |
+    This patch ensures that we mask sensitive data when masking password, even
+    if double quotes are used as password value.