diff --git a/internal/domain/human.go b/internal/domain/human.go
index 02147e0a7c..f9e0ba372a 100644
--- a/internal/domain/human.go
+++ b/internal/domain/human.go
@@ -52,7 +52,7 @@ func (f Gender) Valid() bool {
 }
 
 func (u *Human) IsValid() bool {
-	return u.Profile != nil && u.Profile.IsValid() && u.Email != nil && u.Email.IsValid() && u.Phone == nil || (u.Phone != nil && u.Phone.PhoneNumber != "" && u.Phone.IsValid())
+	return u.Username != "" && u.Profile != nil && u.Profile.IsValid() && u.Email != nil && u.Email.IsValid() && u.Phone == nil || (u.Phone != nil && u.Phone.PhoneNumber != "" && u.Phone.IsValid())
 }
 
 func (u *Human) CheckOrgIAMPolicy(policy *OrgIAMPolicy) error {
diff --git a/internal/ui/login/handler/register_handler.go b/internal/ui/login/handler/register_handler.go
index 480d22689a..a686aceedd 100644
--- a/internal/ui/login/handler/register_handler.go
+++ b/internal/ui/login/handler/register_handler.go
@@ -1,9 +1,10 @@
 package handler
 
 import (
-	"github.com/caos/zitadel/internal/domain"
 	"net/http"
 
+	"github.com/caos/zitadel/internal/domain"
+
 	"golang.org/x/text/language"
 
 	caos_errs "github.com/caos/zitadel/internal/errors"
@@ -15,6 +16,7 @@ const (
 
 type registerFormData struct {
 	Email        string `schema:"email"`
+	Username     string `schema:"username"`
 	Firstname    string `schema:"firstname"`
 	Lastname     string `schema:"lastname"`
 	Language     string `schema:"language"`
@@ -33,6 +35,7 @@ type registerData struct {
 	HasLowercase              string
 	HasNumber                 string
 	HasSymbol                 string
+	ShowUsername              bool
 }
 
 func (l *Login) handleRegister(w http.ResponseWriter, r *http.Request) {
@@ -98,27 +101,43 @@ func (l *Login) renderRegister(w http.ResponseWriter, r *http.Request, authReque
 		baseData:         l.getBaseData(r, authRequest, "Register", errType, errMessage),
 		registerFormData: *formData,
 	}
-	iam, _ := l.authRepo.GetIAM(r.Context())
-	if iam != nil {
-		policy, description, _ := l.getPasswordComplexityPolicy(r, iam.GlobalOrgID)
-		if policy != nil {
-			data.PasswordPolicyDescription = description
-			data.MinLength = policy.MinLength
-			if policy.HasUppercase {
-				data.HasUppercase = UpperCaseRegex
-			}
-			if policy.HasLowercase {
-				data.HasLowercase = LowerCaseRegex
-			}
-			if policy.HasSymbol {
-				data.HasSymbol = SymbolRegex
-			}
-			if policy.HasNumber {
-				data.HasNumber = NumberRegex
-			}
+
+	resourceOwner := authRequest.RequestedOrgID
+
+	if resourceOwner == "" {
+		iam, err := l.authRepo.GetIAM(r.Context())
+		if err != nil {
+			l.renderRegister(w, r, authRequest, formData, err)
+			return
+		}
+		resourceOwner = iam.GlobalOrgID
+	}
+
+	pwPolicy, description, _ := l.getPasswordComplexityPolicy(r, resourceOwner)
+	if pwPolicy != nil {
+		data.PasswordPolicyDescription = description
+		data.MinLength = pwPolicy.MinLength
+		if pwPolicy.HasUppercase {
+			data.HasUppercase = UpperCaseRegex
+		}
+		if pwPolicy.HasLowercase {
+			data.HasLowercase = LowerCaseRegex
+		}
+		if pwPolicy.HasSymbol {
+			data.HasSymbol = SymbolRegex
+		}
+		if pwPolicy.HasNumber {
+			data.HasNumber = NumberRegex
 		}
 	}
 
+	orgIAMPolicy, err := l.getOrgIamPolicy(r, resourceOwner)
+	if err != nil {
+		l.renderRegister(w, r, authRequest, formData, err)
+		return
+	}
+	data.ShowUsername = orgIAMPolicy.UserLoginMustBeDomain
+
 	funcs := map[string]interface{}{
 		"selectedLanguage": func(l string) bool {
 			if formData == nil {
@@ -138,6 +157,7 @@ func (l *Login) renderRegister(w http.ResponseWriter, r *http.Request, authReque
 
 func (d registerFormData) toHumanDomain() *domain.Human {
 	return &domain.Human{
+		Username: d.Username,
 		Profile: &domain.Profile{
 			FirstName:         d.Firstname,
 			LastName:          d.Lastname,
diff --git a/internal/ui/login/static/i18n/de.yaml b/internal/ui/login/static/i18n/de.yaml
index 4fc546b5b6..d30511dd7a 100644
--- a/internal/ui/login/static/i18n/de.yaml
+++ b/internal/ui/login/static/i18n/de.yaml
@@ -143,6 +143,7 @@ Registration:
   Title: Registration
   Description: Gib deine Benutzerangaben an. Die E-Mail Adresse wird als Benutzernamen verwendet.
   Email: E-Mail
+  Username: Benutzername
   Firstname: Vorname
   Lastname: Nachname
   Language: Sprache
diff --git a/internal/ui/login/static/i18n/en.yaml b/internal/ui/login/static/i18n/en.yaml
index cfcd2dd0c5..42e4318c64 100644
--- a/internal/ui/login/static/i18n/en.yaml
+++ b/internal/ui/login/static/i18n/en.yaml
@@ -143,6 +143,7 @@ Registration:
   Title: Registration
   Description: Enter your Userdata. Your email address will be used as loginname.
   Email: E-Mail
+  Username: Username
   Firstname: Firstname
   Lastname: Lastname
   Language: Language
diff --git a/internal/ui/login/static/templates/register.html b/internal/ui/login/static/templates/register.html
index f14bf7278b..10c674c347 100644
--- a/internal/ui/login/static/templates/register.html
+++ b/internal/ui/login/static/templates/register.html
@@ -32,6 +32,18 @@
             <input class="lgn-input" type="text" id="email" name="email" autocomplete="email" value="{{ .Email }}" required>
         </div>
 
+        {{if .ShowUsername}}
+        <div class="lgn-field double">
+            <label class="lgn-label" for="email">{{t "Registration.Username"}}</label>
+            <div class="lgn-suffix-wrapper">
+                <input class="lgn-input lgn-suffix-input" type="text" id="username" name="username" autocomplete="email" value="{{ .Email }}" required>
+                {{if .DisplayLoginNameSuffix}}
+                    <span id="default-login-suffix" lgnsuffix class="loginname-suffix">@{{.PrimaryDomain}}</span>
+                {{end}}
+            </div>
+        </div>
+        {{end}}
+
         <div class="double-col">
             <div class="lgn-field">
                 <label class="lgn-label" for="languages">{{t "Registration.Language"}}</label>
@@ -109,6 +121,7 @@
     </div>
 </form>
 
+<script src="{{ resourceUrl "scripts/input_suffix_offset.js" }}"></script>
 <script src="{{ resourceUrl "scripts/form_submit.js" }}"></script>
 <script src="{{ resourceUrl "scripts/password_policy_check.js" }}"></script>
 <script src="{{ resourceUrl "scripts/register_check.js" }}"></script>