diff --git a/etc/defaults/security.conf b/etc/defaults/security.conf
index 5e05c3db8dde..584e204bfc63 100644
--- a/etc/defaults/security.conf
+++ b/etc/defaults/security.conf
@@ -1,4 +1,4 @@
-# $NetBSD: security.conf,v 1.13 2004/09/28 15:03:58 erh Exp $
+# $NetBSD: security.conf,v 1.14 2005/02/05 15:26:37 jdolecek Exp $
 #
 # /etc/defaults/security.conf --
 # default configuration of /etc/security.conf
@@ -38,5 +38,6 @@ check_mtree_follow_symlinks=NO
 check_passwd_nowarn_shells="/sbin/nologin /usr/libexec/uucp/uucico"
 check_passwd_nowarn_users=""
 check_passwd_permit_star=NO
+check_passwd_permit_nonalpha=NO
 max_loginlen=8
 max_grouplen=8
diff --git a/etc/security b/etc/security
index b0cb62980e99..7e42b15463fc 100644
--- a/etc/security
+++ b/etc/security
@@ -1,6 +1,6 @@
 #!/bin/sh -
 #
-# $NetBSD: security,v 1.93 2004/11/21 19:00:12 kim Exp $
+# $NetBSD: security,v 1.94 2005/02/05 15:26:37 jdolecek Exp $
 # from: @(#)security 8.1 (Berkeley) 6/9/93
 #
@@ -183,10 +183,15 @@ if checkyesno check_passwd; then
 # XXX: the sense of permit_star is reversed; the code works as
 # implemented, but usage needs to be negated.
 checkyesno check_passwd_permit_star && permit_star=0 || permit_star=1
+ checkyesno check_passwd_permit_nonalpha \
+ && permit_nonalpha=1 || permit_nonalpha=0
+
 awk -v "len=$max_loginlen" \
 -v "nowarn_shells_list=$check_passwd_nowarn_shells" \
 -v "nowarn_users_list=$check_passwd_nowarn_users" \
- -v "permit_star=$permit_star" '
+ -v "permit_star=$permit_star" \
+ -v "permit_nonalpha=$permit_nonalpha" \
+ '
 BEGIN {
 while ( getline < "/etc/shells" > 0 ) {
 if ($0 ~ /^\#/ || $0 ~ /^$/ )
@@ -216,7 +221,8 @@ if checkyesno check_passwd; then
 NR;
 next;
 }
- if ($1 !~ /^[A-Za-z0-9]([-A-Za-z0-9]*[A-Za-z0-9])*$/)
+ if (!permit_nonalpha &&
+ $1 !~ /^[A-Za-z0-9]([-A-Za-z0-9]*[A-Za-z0-9])*$/)
 printf "Login %s has non-alphanumeric characters.\n",
 $1;
 if (length($1) > len)
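Review bot: The new `permit_nonalpha` assignment in the `-183,10` hunk of etc/security sits directly under the XXX comment saying `permit_star` is reversed, yet it uses the normal sense (1 means permit), so a reader can easily assume both flags are inverted. A one-line comment above the new `checkyesno` call would remove the doubt: `# permit_nonalpha has the normal sense: 1 turns the login-name character check off.` The enclosing `if checkyesno check_passwd` block starts and ends outside the hunk.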
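Review bot: With `permit_nonalpha` set, the login-name test in the `-216,7` hunk is skipped as a whole, so the nightly report also stops flagging names that start with `-` or contain whitespace or control characters, not only the benign cases (presumably dots or underscores) the knob is meant for. Those are the names most likely to be misparsed as options or to garble the report, so a narrower check is worth keeping in the permissive mode, for example `if (permit_nonalpha && ($1 ~ /^-/ || $1 ~ /[^!-~]/))` followed by `printf "Login %s has a leading dash or non-printable characters.\n", $1;`. The bracket range assumes an ASCII collation in awk, which should be confirmed for the environment the script runs in. The awk program this test belongs to begins and ends outside the hunk.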
diff --git a/share/man/man5/security.conf.5 b/share/man/man5/security.conf.5
index 24e6567a392f..7ef7c82fc484 100644
--- a/share/man/man5/security.conf.5
+++ b/share/man/man5/security.conf.5
@@ -1,4 +1,4 @@
-.\" $NetBSD: security.conf.5,v 1.27 2004/09/28 15:19:02 wiz Exp $
+.\" $NetBSD: security.conf.5,v 1.28 2005/02/05 15:26:38 jdolecek Exp $
 .\"
 .\" Copyright (c) 1996 Matthew R. Green
 .\" All rights reserved.
@@ -26,7 +26,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.Dd September 28, 2004
+.Dd Febrary 5, 2005
 .Dt SECURITY.CONF 5
 .Os
 .Sh NAME
@@ -190,6 +190,11 @@ This is of particular value when those shells are not in
 If
 .Sy check_passwd
 is enabled, suppress warnings for these users.
+.It Sy check_passwd_permit_nonalpha
+If
+.Sy check_passwd
+is enabled, do not warn about login names, which use non-alphanumeric
+characters.
 .It Sy check_passwd_permit_star
 If
 .Sy check_passwd