diff --git a/src/cmd_decrypt.rs b/src/cmd_decrypt.rs
index 9858314..299e4c7 100644
--- a/src/cmd_decrypt.rs
+++ b/src/cmd_decrypt.rs
@@ -14,6 +14,7 @@ use x509_parser::prelude::FromDer;
 use x509_parser::x509::SubjectPublicKeyInfo;
 use yubikey::piv::{AlgorithmId, decrypt_data};
 use yubikey::YubiKey;
+use zeroize::Zeroize;
 
 use crate::{consts, crypto_simple, util, util_enc_file, util_envelop, util_file, util_pgp, util_piv};
 use crate::compress::GzStreamDecoder;
@@ -58,6 +59,12 @@ pub struct CmdDecrypt {
     pub digest_algorithm: Option<String>,
 }
 
+impl Drop for CmdDecrypt {
+    fn drop(&mut self) {
+        self.pin.map(|mut p| p.zeroize());
+    }
+}
+
 pub fn decrypt(cmd_decrypt: CmdDecrypt) -> XResult<()> {
     debugging!("Cmd decrypt: {:?}", cmd_decrypt);
     let config = TinyEncryptConfig::load(TINY_ENC_CONFIG_FILE).ok();
@@ -311,6 +318,7 @@ fn try_decrypt_key_ecdh(config: &Option<TinyEncryptConfig>,
     let key = util::simple_kdf(shared_secret.as_slice());
     let decrypted_key = crypto_simple::decrypt(
         cryptor, &key, &wrap_key.nonce, &wrap_key.encrypted_data)?;
+    util::zeroize(pin);
     util::zeroize(key);
     util::zeroize(shared_secret);
     Ok(decrypted_key)
diff --git a/src/util_pgp.rs b/src/util_pgp.rs
index aa5c1a5..6a7aa67 100644
--- a/src/util_pgp.rs
+++ b/src/util_pgp.rs
@@ -11,6 +11,7 @@ pub fn read_and_verify_openpgp_pin(trans: &mut OpenPgpTransaction, pin: &Option<
         return simple_error!("User pin verify failed: {}", e);
     }
     success!("User pin verify success!");
+    util::zeroize(pin);
     Ok(())
 }