diff --git a/configs/login_server/grd_login.properties b/configs/login_server/grd_login.properties
index a181c6eee..eccde7fb8 100644
--- a/configs/login_server/grd_login.properties
+++ b/configs/login_server/grd_login.properties
@@ -47,3 +47,5 @@ session.timeout = 15
 unsecure.allow_passwort_via_json_request = 1
 unsecure.allow_auto_sign_transactions = 1
 unsecure.allow_cors_all = 1
+# default disable, passwords must contain a number, a lower character, a high character, special character, and be at least 8 characters long
+unsecure.allow_all_passwords = 1
\ No newline at end of file
diff --git a/docu/login_server.api.md b/docu/login_server.api.md
index c78d56a24..49a390c3a 100644
--- a/docu/login_server.api.md
+++ b/docu/login_server.api.md
@@ -47,13 +47,20 @@ Registrieren kannst du einen neuen Benutzer mit:
 
 POST http://localhost/login_api/createUser
 ```json
-data: {"email":"max.musterman@gmail.de", "first_name":"Max", "last_name":"Musterman" ,
-          "emailType": 2, "password":"123abcDE&"}
+data: {
+	"email":"max.musterman@gmail.de",
+	"first_name":"Max",
+	"last_name":"Musterman" ,
+    "emailType": 2,
+	"password":"123abcDE&"
+	"login_after_register":true
+	}
 ```
 
 - emailType: control email-text sended with email verification code
   - 2: default, if user has registered directly
   - 5: if user was registered by an admin 
+- login_after_register: if set to true auto-login after create user was successfull, means session cookie is set and session_id returned
 
 Wenn alles okay ist erhältst du:
 ```json
diff --git a/login_server b/login_server
index 9b9115290..d986fc925 160000
--- a/login_server
+++ b/login_server
@@ -1 +1 @@
-Subproject commit 9b9115290c8d2ead756d64b70ae63a6571aa4693
+Subproject commit d986fc925033092bb58ee3d6e2128ca509ecca38