diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8e291d838a..8e0cb2809f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,11 +4,17 @@ Canonical reference for changes, improvements, and bugfixes for Boundary.
 
 ## vNext
 
+### New and Improved
+
+* controller: Relax account login name constraints to allow dash as valid character 
+  ([Issue](https://github.com/hashicorp/boundary/issues/759))
+  ([PR](https://github.com/hashicorp/boundary/pull/806))
+
 ### Bug Fixes
 
 * cli: Ensure errors print to stderr when token is not found
   ([Issue](https://github.com/hashicorp/boundary/issues/791))
-  ([PR](https://github.com/hashicorp/boundary/pull/799)]
+  ([PR](https://github.com/hashicorp/boundary/pull/799))
 
 ## v0.1.2
 
diff --git a/internal/auth/password/repository_account.go b/internal/auth/password/repository_account.go
index 71abcdffc0..ddab6b5460 100644
--- a/internal/auth/password/repository_account.go
+++ b/internal/auth/password/repository_account.go
@@ -42,7 +42,7 @@ func (r *Repository) CreateAccount(ctx context.Context, scopeId string, a *Accou
 		return nil, fmt.Errorf("create: password account: scope id empty: %w", errors.ErrInvalidParameter)
 	}
 	if !validLoginName(a.LoginName) {
-		return nil, fmt.Errorf("create: password account: invalid login name; must be all-lowercase alphanumeric: %w", errors.ErrInvalidParameter)
+		return nil, fmt.Errorf("create: password account: invalid login name; must be all-lowercase alphanumeric, period or hyphen: %w", errors.ErrInvalidParameter)
 	}
 
 	cc, err := r.currentConfig(ctx, a.AuthMethodId)
@@ -190,7 +190,7 @@ func (r *Repository) DeleteAccount(ctx context.Context, scopeId, withPublicId st
 	return rowsDeleted, nil
 }
 
-var reInvalidLoginName = regexp.MustCompile("[^a-z0-9.]")
+var reInvalidLoginName = regexp.MustCompile("[^a-z0-9.-]")
 
 func validLoginName(u string) bool {
 	if u == "" {
@@ -236,7 +236,7 @@ func (r *Repository) UpdateAccount(ctx context.Context, scopeId string, a *Accou
 		case strings.EqualFold("Description", f):
 		case strings.EqualFold("LoginName", f):
 			if !validLoginName(a.LoginName) {
-				return nil, db.NoRowsAffected, fmt.Errorf("update: password account: invalid user name: %w", errors.ErrInvalidParameter)
+				return nil, db.NoRowsAffected, fmt.Errorf("update: password account: invalid user name: must be all-lowercase alphanumeric, period or hyphen %w", errors.ErrInvalidParameter)
 			}
 			changeLoginName = true
 		default:
diff --git a/internal/auth/password/repository_account_test.go b/internal/auth/password/repository_account_test.go
index 51ccec79ca..158ba0e6bd 100644
--- a/internal/auth/password/repository_account_test.go
+++ b/internal/auth/password/repository_account_test.go
@@ -27,6 +27,8 @@ func TestCheckLoginName(t *testing.T) {
 		{"contains spaces", false},
 		{"NotLowerCase", false},
 		{"valid.loginname", true},
+		{"valid-loginname", true},
+		{"validloginname", true},
 	}
 	for _, tt := range tests {
 		tt := tt