I can imagine the time when my phone receives an email to my Yahoo mail, with my email address shown before my phone being unlocked, and the password to login to my mail box is next to it, in the notification.
This is so bad on Android 5 it's not even funny. When you enable that option it shows the whole list of notifications on the lock screen, each one of them has "sensitive information hidden" underneath, taking up lots of space. I know that sensitive information is hidden, I chose that option, no need to tell me for every single one of my notifications on the lockscreen!!!!
I'm always bothered that the SMSes for 2FA show up on the lock screen... could we not agree on a set of words that can block any message from appearing on the lock screen. Even just anything containing PIN or password would be a good start.