diff --git a/packages/pds/src/api/app/bsky/actor/getPreferences.ts b/packages/pds/src/api/app/bsky/actor/getPreferences.ts
index 782ef34869a..1bca50f0bd1 100644
--- a/packages/pds/src/api/app/bsky/actor/getPreferences.ts
+++ b/packages/pds/src/api/app/bsky/actor/getPreferences.ts
@@ -1,5 +1,6 @@
 import { Server } from '../../../../lexicon'
 import AppContext from '../../../../context'
+import { AuthScope } from '../../../../auth'
 
 export default function (server: Server, ctx: AppContext) {
   server.app.bsky.actor.getPreferences({
@@ -7,9 +8,15 @@ export default function (server: Server, ctx: AppContext) {
     handler: async ({ auth }) => {
       const requester = auth.credentials.did
       const { services, db } = ctx
-      const preferences = await services
+      let preferences = await services
         .account(db)
         .getPreferences(requester, 'app.bsky')
+      if (auth.credentials.scope !== AuthScope.Access) {
+        // filter out personal details for app passwords
+        preferences = preferences.filter(
+          (pref) => pref.$type !== 'app.bsky.actor.defs#personalDetailsPref',
+        )
+      }
       return {
         encoding: 'application/json',
         body: { preferences },