diff --git a/openedx/core/djangoapps/user_api/accounts/__init__.py b/openedx/core/djangoapps/user_api/accounts/__init__.py
index caf78ca54ae0..9b2942ff3fca 100644
--- a/openedx/core/djangoapps/user_api/accounts/__init__.py
+++ b/openedx/core/djangoapps/user_api/accounts/__init__.py
@@ -40,7 +40,7 @@
 # It is shown to users who attempt to create a new account using invalid characters
 # in the username.
 USERNAME_INVALID_CHARS_ASCII = _(
-    "Usernames can only contain letters (A-Z, a-z), numerals (0-9), underscores (_), and hyphens (-)."
+    "Usernames must not contain the following symbols: #, <, >, [, ], |, {, }, /, \, :, @"
 )
 
 # Translators: This message is shown only when the Unicode usernames are allowed.
diff --git a/openedx/core/djangoapps/user_api/helpers.py b/openedx/core/djangoapps/user_api/helpers.py
index 6c4aabe6f42a..c91a5f7dd24f 100644
--- a/openedx/core/djangoapps/user_api/helpers.py
+++ b/openedx/core/djangoapps/user_api/helpers.py
@@ -98,7 +98,7 @@ class FormDescription:
     ALLOWED_TYPES = ["text", "email", "select", "textarea", "checkbox", "plaintext", "password", "hidden"]
 
     ALLOWED_RESTRICTIONS = {
-        "text": ["min_length", "max_length"],
+        "text": ["min_length", "max_length", "readonly"],
         "password": ["min_length", "max_length", "min_upper", "min_lower",
                      "min_punctuation", "min_symbol", "min_numeric", "min_alphabetic"],
         "email": ["min_length", "max_length", "readonly"],
diff --git a/openedx/core/djangoapps/user_authn/views/registration_form.py b/openedx/core/djangoapps/user_authn/views/registration_form.py
index efee92e700b7..2e65cb6b772b 100644
--- a/openedx/core/djangoapps/user_authn/views/registration_form.py
+++ b/openedx/core/djangoapps/user_authn/views/registration_form.py
@@ -29,6 +29,7 @@
 from openedx.core.djangoapps.site_configuration import helpers as configuration_helpers
 from openedx.core.djangoapps.user_api import accounts
 from openedx.core.djangoapps.user_api.helpers import FormDescription
+from openedx.core.djangoapps.user_authn.toggles import is_require_third_party_auth_enabled
 from openedx.core.djangoapps.user_authn.utils import check_pwned_password
 from openedx.core.djangoapps.user_authn.utils import is_registration_api_v1 as is_api_v1
 from openedx.core.djangoapps.user_authn.views.utils import remove_disabled_country_from_list
@@ -590,7 +591,7 @@ def _add_username_field(self, form_desc, required=True):
             "username",
             label=username_label,
             instructions=username_instructions,
-            restrictions={
+            restrictions={"readonly":  "readonly"} if is_require_third_party_auth_enabled() else {
                 "min_length": accounts.USERNAME_MIN_LENGTH,
                 "max_length": accounts.USERNAME_MAX_LENGTH,
             },