Should we re-enable safelogging on the console?

Our current console logging code uses FormatWithSafeLoggingDisabled to display sensitive information, on the theory that stdout logs are ephemeral.

But at !687 (comment 2830897), @eta rightly notes:

I don't really like this idea — oftentimes stdout is just "the systemd journal" or other persistent logging mechanism. Sure, you can call isatty on it, but that then verges into slightly magic behaviour.

Should we turn off this behavior before 1.0?