diff --git a/cms/envs/common.py b/cms/envs/common.py
index 8f070d6ff7..2cad881cec 100644
--- a/cms/envs/common.py
+++ b/cms/envs/common.py
@@ -531,6 +531,16 @@ LIBRARY_AUTHORING_MICROFRONTEND_URL = None
 # .. toggle_creation_date: 2021-12-03
 # .. toggle_tickets: https://openedx.atlassian.net/browse/VAN-666
 ENABLE_AUTHN_RESET_PASSWORD_HIBP_POLICY = False
+# .. toggle_name: ENABLE_AUTHN_REGISTER_HIBP_POLICY
+# .. toggle_implementation: DjangoSetting
+# .. toggle_default: False
+# .. toggle_description: When enabled, this toggle activates the use of the password validation
+# HIBP Policy on Authn MFE's registration.
+# .. toggle_use_cases: open_edx
+# .. toggle_creation_date: 2022-03-25
+# .. toggle_tickets: https://openedx.atlassian.net/browse/VAN-669
+ENABLE_AUTHN_REGISTER_HIBP_POLICY = False
+HIBP_REGISTRATION_PASSWORD_FREQUENCY_THRESHOLD = 3
 
 ############################# SOCIAL MEDIA SHARING #############################
 SOCIAL_SHARING_SETTINGS = {
diff --git a/lms/envs/common.py b/lms/envs/common.py
index 4795c58428..83709b11db 100644
--- a/lms/envs/common.py
+++ b/lms/envs/common.py
@@ -4822,6 +4822,16 @@ DISCUSSIONS_MFE_FEEDBACK_URL = None
 # .. toggle_creation_date: 2021-12-03
 # .. toggle_tickets: https://openedx.atlassian.net/browse/VAN-666
 ENABLE_AUTHN_RESET_PASSWORD_HIBP_POLICY = False
+# .. toggle_name: ENABLE_AUTHN_REGISTER_HIBP_POLICY
+# .. toggle_implementation: DjangoSetting
+# .. toggle_default: False
+# .. toggle_description: When enabled, this toggle activates the use of the password validation
+# HIBP Policy on Authn MFE's registration.
+# .. toggle_use_cases: open_edx
+# .. toggle_creation_date: 2022-03-25
+# .. toggle_tickets: https://openedx.atlassian.net/browse/VAN-669
+ENABLE_AUTHN_REGISTER_HIBP_POLICY = False
+HIBP_REGISTRATION_PASSWORD_FREQUENCY_THRESHOLD = 3
 
 ############### Settings for the ace_common plugin #################
 ACE_ENABLED_CHANNELS = ['django_email']
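Review bot: `HIBP_REGISTRATION_PASSWORD_FREQUENCY_THRESHOLD = 3` is added with no annotation block or comment, unlike the toggle directly above it, so a reader of the settings file cannot tell what the number means or why 3 was chosen; the lms/envs/common.py hunk has the same gap. From the api.py hunk it is the minimum `frequency` reported by `check_pwned_password` at or above which a registration password is rejected, so a comment such as `# Minimum breach count from the HIBP lookup at which a registration password is rejected; below this it is still accepted.` should sit above the line in both files. The toggle_description would also benefit from stating that, unlike the reset-password policy, the registration policy only rejects passwords seen at least this many times.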
diff --git a/openedx/core/djangoapps/user_api/accounts/api.py b/openedx/core/djangoapps/user_api/accounts/api.py
index 4fa9e76563..754882f2ce 100644
--- a/openedx/core/djangoapps/user_api/accounts/api.py
+++ b/openedx/core/djangoapps/user_api/accounts/api.py
@@ -641,12 +641,17 @@ def _validate_password(password, username=None, email=None, reset_password_page=
     except ValidationError as validation_err:
         raise errors.AccountPasswordInvalid(' '.join(validation_err.messages))
 
-    # TODO: VAN-666 - Restrict this feature to reset password page for now until it is
-    # enabled on account sign in and register.
-    if settings.ENABLE_AUTHN_RESET_PASSWORD_HIBP_POLICY and reset_password_page:
+    if (
+        (settings.ENABLE_AUTHN_RESET_PASSWORD_HIBP_POLICY and reset_password_page) or
+        (settings.ENABLE_AUTHN_REGISTER_HIBP_POLICY and not reset_password_page)
+    ):
         pwned_response = check_pwned_password(password)
         if pwned_response.get('vulnerability', 'no') == 'yes':
-            raise errors.AccountPasswordInvalid(accounts.AUTHN_PASSWORD_COMPROMISED_MSG)
+            if (
+                reset_password_page or
+                pwned_response.get('frequency', 0) >= settings.HIBP_REGISTRATION_PASSWORD_FREQUENCY_THRESHOLD
+            ):
+                raise errors.AccountPasswordInvalid(accounts.AUTHN_PASSWORD_COMPROMISED_MSG)
 
 
 def _validate_country(country):
diff --git a/openedx/core/djangoapps/user_authn/views/registration_form.py b/openedx/core/djangoapps/user_authn/views/registration_form.py
index 79a66fa554..0321250a34 100644
--- a/openedx/core/djangoapps/user_authn/views/registration_form.py
+++ b/openedx/core/djangoapps/user_authn/views/registration_form.py
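Review bot: The new condition applies the registration policy to every caller that does not pass `reset_password_page`, not only to registration, because the function has no way to distinguish registration from any other non-reset caller; if `_validate_password` is reached from other flows (its callers are not visible in this hunk), they now get the weaker, frequency-gated check. A comment on the new `if` stating the intent, `# Reset-password rejects any breached password; every other caller applies the registration frequency threshold.`, would make that explicit, and the `reset_password_page` parameter docstring should say the same. Separately, `pwned_response.get('vulnerability', 'no')` and `.get('frequency', 0)` both default to the permissive value, so a lookup that returns an empty dict lets the password through; if that fail-open behaviour is intended it should be documented on the `pwned_response` line, and if not the response needs an explicit error indicator checked first. The function's `try` block begins above the hunk.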
@@ -21,7 +21,7 @@ from common.djangoapps.edxmako.shortcuts import marketing_link
 from openedx.core.djangoapps.site_configuration import helpers as configuration_helpers
 from openedx.core.djangoapps.user_api import accounts
 from openedx.core.djangoapps.user_api.helpers import FormDescription
-from openedx.core.djangoapps.user_authn.utils import is_registration_api_v1 as is_api_v1
+from openedx.core.djangoapps.user_authn.utils import check_pwned_password, is_registration_api_v1 as is_api_v1
 from openedx.core.djangolib.markup import HTML, Text
 from openedx.features.enterprise_support.api import enterprise_customer_for_request
 from common.djangoapps.student.models import (
@@ -238,6 +238,16 @@ class AccountCreationForm(forms.Form):
         email = self.cleaned_data.get('email')
         temp_user = User(username=username, email=email) if username else None
         validate_password(password, temp_user)
+
+        if settings.ENABLE_AUTHN_REGISTER_HIBP_POLICY:
+            # Checks the Pwned Databases for password vulnerability.
+            pwned_response = check_pwned_password(password)
+
+            if (
+                pwned_response.get('vulnerability', 'no') == 'yes' and
+                pwned_response.get('frequency', 0) >= settings.HIBP_REGISTRATION_PASSWORD_FREQUENCY_THRESHOLD
+            ):
+                raise ValidationError(accounts.AUTHN_PASSWORD_COMPROMISED_MSG)
         return password
 
     def clean_email(self):
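Review bot: The threshold check added to `clean_password` duplicates the one added to `_validate_password` in api.py in this same commit (same `vulnerability`/`frequency` keys, same threshold setting), so the two copies will drift if either is changed; a single helper next to `check_pwned_password` in user_authn.utils, for example `is_password_compromised(pwned_response, threshold)`, called from both places would keep one definition of the policy. The comment `# Checks the Pwned Databases for password vulnerability.` also does not say that passwords below the threshold are accepted or that an empty response passes; it should read `# Reject only passwords seen at least HIBP_REGISTRATION_PASSWORD_FREQUENCY_THRESHOLD times in the pwned set; a missing or empty lookup result is treated as not compromised.` The enclosing `clean_password` method starts above the second hunk, and the first hunk on this line only changes the import.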