diff --git a/CONTRIBUTORS b/CONTRIBUTORS
index c55499e..9a38f0d 100644
--- a/CONTRIBUTORS
+++ b/CONTRIBUTORS
@@ -12,4 +12,5 @@
 # Please keep the list sorted.
 #
 Adrien Barreau
+Cédric Roussel
 Stéphane Lesimple
diff --git a/lib/perl/OVH/Bastion/allowkeeper.inc b/lib/perl/OVH/Bastion/allowkeeper.inc
index 9b83bcd..8447bdd 100644
--- a/lib/perl/OVH/Bastion/allowkeeper.inc
+++ b/lib/perl/OVH/Bastion/allowkeeper.inc
@@ -191,7 +191,7 @@ sub is_account_valid {
 elsif ($account =~ m/^[-.]/) {
 return R('KO_FORBIDDEN_PREFIX', msg => "$whatis name must not start with a '-' nor a '.'");
 }
- elsif ($account =~ m/-tty$/i) {
+ elsif ($account =~ m/-(?:tty|aclkeeper|gatekeeper|owner)$/i) {
 return R('KO_FORBIDDEN_SUFFIX', msg => "$whatis name contains an unauthorized suffix");
 }
 elsif ($account =~ m/^key/i && $accountType ne 'group') {
diff --git a/tests/unit/run.pl b/tests/unit/run.pl
index a09c8d2..54b8473 100755
--- a/tests/unit/run.pl
+++ b/tests/unit/run.pl
@@ -161,6 +161,11 @@ ok(OVH::Bastion::is_account_valid(account => "azerty")->is_ok, "is_account_valid
 is(OVH::Bastion::is_account_valid(account => "in valid")->err, "KO_FORBIDDEN_CHARS", "is_account_valid('in valid')");
+for my $suffix (qw{ tty aclkeeper gatekeeper owner }) {
+ is(OVH::Bastion::is_account_valid(account => "account-$suffix")->err,
+ "KO_FORBIDDEN_SUFFIX", "is_account_valid('account-$suffix')");
+}
+
 is(OVH::Bastion::is_account_valid(account => "root")->err, "KO_FORBIDDEN_NAME", "is_account_valid('root')");
 ok(OVH::Bastion::is_bastion_account_valid_and_existing(account => "me")->is_ok,
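Review bot: The widened suffix check in `is_account_valid` (lib/perl/OVH/Bastion/allowkeeper.inc) has no comment saying why `-aclkeeper`, `-gatekeeper` and `-owner` are reserved, so a later maintainer cannot tell whether the list is complete or what it protects. I would add above the `elsif` something like `# reserved suffixes: a name ending this way could collide with system-generated groups (tty and group-role groups)`; that rationale is inferred from the suffix names, so confirm it against the group-creation code. The function body starts and ends outside the hunk, so I cannot see whether this validator also runs on names that already exist. If it does, accounts or groups created earlier with one of these suffixes would start failing validation after the upgrade, which deserves an audit step or a release note.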
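Review bot: The new loop in tests/unit/run.pl asserts only the rejecting path, in lowercase and for the default name type, so a pattern that lost its `/i` flag or its `$` anchor would still pass. I would add one case-variant rejection and one acceptance where the word is not a suffix, for example `is(OVH::Bastion::is_account_valid(account => "account-OWNER")->err, "KO_FORBIDDEN_SUFFIX", "is_account_valid('account-OWNER')");` and `ok(OVH::Bastion::is_account_valid(account => "owner-account")->is_ok, "is_account_valid('owner-account')");`, assuming no earlier rule in the validator rejects those names. Since the patched branch is also reached for group names (the next branch tests `$accountType ne 'group'`), one assertion with the group type would show that the reserved suffixes are refused there as well.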