diff --git a/rust/ql/test/library-tests/sensitivedata/test.rs b/rust/ql/test/library-tests/sensitivedata/test.rs
index db834b54b06..a85db97fb72 100644
--- a/rust/ql/test/library-tests/sensitivedata/test.rs
+++ b/rust/ql/test/library-tests/sensitivedata/test.rs
@@ -41,7 +41,7 @@ fn test_passwords(
 	sink(my_password); // $ sensitive=password
 	sink(password_str); // $ sensitive=password
 	sink(password_confirmation); // $ sensitive=password
-	sink(profile_password); // $ MISSING: sensitive=password
+	sink(profile_password); // $ sensitive=password
 	sink(unencrypted_password); // $ MISSING: sensitive=password
 	sink(unencoded_password); // $ MISSING: sensitive=password
 	sink(pass_phrase); // $ sensitive=password
diff --git a/shared/concepts/codeql/concepts/internal/SensitiveDataHeuristics.qll b/shared/concepts/codeql/concepts/internal/SensitiveDataHeuristics.qll
index 32045c783c7..0f66d5b6c4f 100644
--- a/shared/concepts/codeql/concepts/internal/SensitiveDataHeuristics.qll
+++ b/shared/concepts/codeql/concepts/internal/SensitiveDataHeuristics.qll
@@ -151,7 +151,7 @@ module HeuristicNames {
   string notSensitiveRegexp() {
     result =
       "(?is).*([^\\w$.-]|redact|censor|obfuscate|hash|md5|sha|random|((?<!un)(en))?(crypt|(?<!pass)code)|"
-        + "certain|concert|secretar|wildcard|account(ant|ab|ing|ed)|file|path|([_-]|\\b)url).*"
+        + "certain|concert|secretar|wildcard|account(ant|ab|ing|ed)|(?<!pro)file|path|([_-]|\\b)url).*"
   }
 
   /**