diff --git a/audit/hashstructure.go b/audit/hashstructure.go
index c4e5593775..56b1dc05c0 100644
--- a/audit/hashstructure.go
+++ b/audit/hashstructure.go
@@ -32,6 +32,10 @@ func Hash(salter *salt.Salt, raw interface{}) error {
 			token := fn(s.ClientToken)
 			s.ClientToken = token
 		}
+		if s.Accessor != "" {
+			accessor := fn(s.Accessor)
+			s.Accessor = accessor
+		}
 
 	case *logical.Request:
 		if s == nil {
diff --git a/builtin/audit/file/backend.go b/builtin/audit/file/backend.go
index f52086745d..0b13a76c93 100644
--- a/builtin/audit/file/backend.go
+++ b/builtin/audit/file/backend.go
@@ -15,7 +15,7 @@ import (
 
 func Factory(conf *audit.BackendConfig) (audit.Backend, error) {
 	if conf.Salt == nil {
-		return nil, fmt.Errorf("Nil salt passed in")
+		return nil, fmt.Errorf("nil salt")
 	}
 
 	path, ok := conf.Config["path"]
@@ -23,6 +23,16 @@ func Factory(conf *audit.BackendConfig) (audit.Backend, error) {
 		return nil, fmt.Errorf("path is required")
 	}
 
+	// Check if hashing of accessor is disabled
+	hashAccessor := true
+	if hashAccessorRaw, ok := conf.Config["hash_accessor"]; ok {
+		value, err := strconv.ParseBool(hashAccessorRaw)
+		if err != nil {
+			return nil, err
+		}
+		hashAccessor = value
+	}
+
 	// Check if raw logging is enabled
 	logRaw := false
 	if raw, ok := conf.Config["log_raw"]; ok {
@@ -34,9 +44,10 @@ func Factory(conf *audit.BackendConfig) (audit.Backend, error) {
 	}
 
 	b := &Backend{
-		path:   path,
-		logRaw: logRaw,
-		salt:   conf.Salt,
+		path:         path,
+		logRaw:       logRaw,
+		hashAccessor: hashAccessor,
+		salt:         conf.Salt,
 	}
 
 	// Ensure that the file can be successfully opened for writing;
@@ -55,9 +66,10 @@ func Factory(conf *audit.BackendConfig) (audit.Backend, error) {
 // It doesn't do anything more at the moment to assist with rotation
 // or reset the write cursor, this should be done in the future.
 type Backend struct {
-	path   string
-	logRaw bool
-	salt   *salt.Salt
+	path         string
+	logRaw       bool
+	hashAccessor bool
+	salt         *salt.Salt
 
 	once sync.Once
 	f    *os.File
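Review bot: The accessor hashing added here is unconditional, so the two LogResponse hunks later in this diff (builtin/audit/file/backend.go and builtin/audit/syslog/backend.go) have to cache the original value and write it back whenever hash_accessor is false — the policy is applied once here and undone in two other places. Giving Hash, or a variant of it, a way to skip the accessor would keep that decision in the audit package and let each backend make a single call. Within this hunk the temporary is unnecessary, `s.Accessor = fn(s.Accessor)`, though it mirrors the ClientToken block above. Hash's doc comment sits outside the hunk and should state that both ClientToken and Accessor are replaced in place on the passed-in Auth.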
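Review bot: The strconv.ParseBool failure for the hash_accessor option is returned bare, so an operator who mistypes the value gets a message that names neither the option nor the input; wrap it, `return nil, fmt.Errorf("invalid hash_accessor value %q: %v", hashAccessorRaw, err)`. The identical block in the syslog Factory hunk (@@ -29,6 +29,16 @@) should get the same treatment. The comment above the block describes only the mechanics; since the LogResponse hunks write the original accessor back into the entry when the flag is false, a comment such as `// hash_accessor=false records the token accessor unhashed in every audit entry` would tell a reader the consequence of turning it off. The enclosing Factory continues outside the hunk.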
@@ -103,6 +115,7 @@ func (b *Backend) LogRequest(auth *logical.Auth, req *logical.Request, outerErr
 		if err := audit.Hash(b.salt, req); err != nil {
 			return err
 		}
+
 	}
 
 	var format audit.FormatJSON
@@ -149,15 +162,34 @@ func (b *Backend) LogResponse(
 		resp = cp.(*logical.Response)
 
 		// Hash any sensitive information
+
+		// Cache and restore accessor in the auth
+		var accessor string
+		if !b.hashAccessor && auth != nil && auth.Accessor != "" {
+			accessor = auth.Accessor
+		}
 		if err := audit.Hash(b.salt, auth); err != nil {
 			return err
 		}
+		if !b.hashAccessor && auth != nil && auth.Accessor != "" {
+			auth.Accessor = accessor
+		}
+
 		if err := audit.Hash(b.salt, req); err != nil {
 			return err
 		}
+
+		// Cache and restore accessor in the response
+		accessor = ""
+		if !b.hashAccessor && resp != nil && resp.Auth != nil && resp.Auth.Accessor != "" {
+			accessor = resp.Auth.Accessor
+		}
 		if err := audit.Hash(b.salt, resp); err != nil {
 			return err
 		}
+		if !b.hashAccessor && resp != nil && resp.Auth != nil && resp.Auth.Accessor != "" {
+			resp.Auth.Accessor = accessor
+		}
 	}
 
 	var format audit.FormatJSON
diff --git a/builtin/audit/syslog/backend.go b/builtin/audit/syslog/backend.go
index a44ff0c8f3..9fe3e8b78f 100644
--- a/builtin/audit/syslog/backend.go
+++ b/builtin/audit/syslog/backend.go
@@ -29,6 +29,16 @@ func Factory(conf *audit.BackendConfig) (audit.Backend, error) {
 		tag = "vault"
 	}
 
+	// Check if hashing of accessor is disabled
+	hashAccessor := true
+	if hashAccessorRaw, ok := conf.Config["hash_accessor"]; ok {
+		value, err := strconv.ParseBool(hashAccessorRaw)
+		if err != nil {
+			return nil, err
+		}
+		hashAccessor = value
+	}
+
 	// Check if raw logging is enabled
 	logRaw := false
 	if raw, ok := conf.Config["log_raw"]; ok {
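Review bot: The hash_accessor setting does not appear to be honoured in LogRequest: the only change here is a blank line, while the LogResponse hunk below caches and restores auth.Accessor around audit.Hash. The audit.Hash call on auth would sit above this hunk, outside my view, so this is inferred — if LogRequest does hash auth, request entries will carry a hashed accessor while the matching response entry carries the plain one whenever the flag is false, and the two halves of one operation can no longer be correlated by accessor. The syslog backend's LogRequest is not touched by the diff at all and would have the same gap. Either mirror the cache/restore sequence here or, better, move the decision into the hashing helper so both paths share it; the added blank line itself serves no purpose and can be dropped. LogRequest starts and ends outside the hunk.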
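Review bot: The restore guards re-test `auth.Accessor != ""` after audit.Hash has already replaced the field, so the condition is evaluated against the hashed value rather than the original; keying the write-back off the cached copy is simpler and says what is meant, `if accessor != "" { auth.Accessor = accessor }` and likewise `if accessor != "" { resp.Auth.Accessor = accessor }` (the nil checks on resp and resp.Auth are then implied by accessor being non-empty, provided Hash does not replace the Auth pointer — worth confirming). This whole cache/restore sequence is repeated verbatim in the syslog LogResponse hunk (@@ -145,15 +157,34 @@); a single helper in the audit package taking the hashAccessor flag would keep the two backends from drifting. The added blank line between `// Hash any sensitive information` and the code it introduces detaches the comment from its subject. LogResponse continues on both sides of the hunk.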
@@ -46,18 +56,20 @@ func Factory(conf *audit.BackendConfig) (audit.Backend, error) {
 	}
 
 	b := &Backend{
-		logger: logger,
-		logRaw: logRaw,
-		salt:   conf.Salt,
+		logger:       logger,
+		logRaw:       logRaw,
+		hashAccessor: hashAccessor,
+		salt:         conf.Salt,
 	}
 	return b, nil
 }
 
 // Backend is the audit backend for the syslog-based audit store.
 type Backend struct {
-	logger gsyslog.Syslogger
-	logRaw bool
-	salt   *salt.Salt
+	logger       gsyslog.Syslogger
+	logRaw       bool
+	hashAccessor bool
+	salt         *salt.Salt
 }
 
 func (b *Backend) GetHash(data string) string {
@@ -145,15 +157,34 @@ func (b *Backend) LogResponse(auth *logical.Auth, req *logical.Request,
 		resp = cp.(*logical.Response)
 
 		// Hash any sensitive information
+
+		// Cache and restore accessor in the auth
+		var accessor string
+		if !b.hashAccessor && auth != nil && auth.Accessor != "" {
+			accessor = auth.Accessor
+		}
 		if err := audit.Hash(b.salt, auth); err != nil {
 			return err
 		}
+		if !b.hashAccessor && auth != nil && auth.Accessor != "" {
+			auth.Accessor = accessor
+		}
+
 		if err := audit.Hash(b.salt, req); err != nil {
 			return err
 		}
+
+		// Cache and restore accessor in the response
+		accessor = ""
+		if !b.hashAccessor && resp != nil && resp.Auth != nil && resp.Auth.Accessor != "" {
+			accessor = resp.Auth.Accessor
+		}
 		if err := audit.Hash(b.salt, resp); err != nil {
 			return err
 		}
+		if !b.hashAccessor && resp != nil && resp.Auth != nil && resp.Auth.Accessor != "" {
+			resp.Auth.Accessor = accessor
+		}
 	}
 
 	// Encode the entry as JSON