It is inefficient to iterate over the protected keys for each key in the hash as in your solution. Rather, just iterate over the protected keys.
It is inefficient to generate the array of protected keys each time the method is called. Define that array outside of the method.
The following is better in these respects:
ProtectedKeys = %w[password confirmation]
def sanitize hash
new_hash = hash.dup
ProtectedKeys.each do |k| [k, k.to_sym].each do |k|
new_hash[k] = "xxxxxxxxx" if new_hash.key?(k) and new_hash[k].present?
end end
new_hash
end