diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index d3e4c84c4add38bb762fc3fd6112d695b6169352..b8a5948a8f63b703f11be397ee1b09e80c0b25ba 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -18,6 +18,7 @@ Added
 * Create a reusable snippet for avatar content.
 * Allow to configure if additional field is required
 * Allow to configure description of additional fields
+* Allow configuring regex for allowed usernames
 
 Changed
 ~~~~~~~
diff --git a/aleksis/core/preferences.py b/aleksis/core/preferences.py
index c7ad53cec6e0d09406a02da80c43f72fc7865e30..352d5480d179189ad1c92ffd9d44c69fb63732af 100644
--- a/aleksis/core/preferences.py
+++ b/aleksis/core/preferences.py
@@ -279,6 +279,14 @@ class SignupEnabled(BooleanPreference):
     verbose_name = _("Enable signup")
 
 
+@site_preferences_registry.register
+class AllowedUsernameRegex(StringPreference):
+    section = auth
+    name = "allowed_username_regex"
+    default = ".+"
+    verbose_name = _("Regular expression for allowed usernames")
+
+
 @site_preferences_registry.register
 class InviteEnabled(BooleanPreference):
     section = auth
diff --git a/aleksis/core/settings.py b/aleksis/core/settings.py
index 087762de88b667f90c942f3596a7df4991faf627..00c0a6605e5c58d0c8078150d567362a73611ee3 100644
--- a/aleksis/core/settings.py
+++ b/aleksis/core/settings.py
@@ -362,6 +362,9 @@ ACCOUNT_SIGNUP_EMAIL_ENTER_TWICE = True
 # Enforce uniqueness of email addresses
 ACCOUNT_UNIQUE_EMAIL = _settings.get("auth.login.registration.unique_email", True)
 
+# Configurable username validators
+ACCOUNT_USERNAME_VALIDATORS = "aleksis.core.util.auth_helpers.custom_username_validators"
+
 # Configuration for django-invitations
 
 # Use custom account adapter
diff --git a/aleksis/core/util/auth_helpers.py b/aleksis/core/util/auth_helpers.py
index 056b5156da68233d3b3ee2378ccffdff95cfbcd6..03f2b4bc8284e98bbd781abeb0dc6ff947622c30 100644
--- a/aleksis/core/util/auth_helpers.py
+++ b/aleksis/core/util/auth_helpers.py
@@ -3,6 +3,8 @@
 from typing import Any, Optional
 
 from django.conf import settings
+from django.contrib.auth.validators import ASCIIUsernameValidator
+from django.core.validators import RegexValidator
 from django.http import HttpRequest
 
 from allauth.account.adapter import DefaultAccountAdapter
@@ -134,3 +136,11 @@ class ClientProtectedResourceMixin(_ClientProtectedResourceMixin):
         required_scopes = set(self.get_scopes() or [])
         allowed_scopes = set(AppScopes().get_available_scopes(oauth_request.client) or [])
         return required_scopes.issubset(allowed_scopes)
+
+
+def validate_username_preference_regex(value: str):
+    regex = get_site_preferences()["auth__allowed_username_regex"]
+    return RegexValidator(regex)(value)
+
+
+custom_username_validators = [validate_username_preference_regex, ASCIIUsernameValidator()]