diff --git a/config/config.sample.php b/config/config.sample.php
index f12c75d91caa8..0dc8c0ca94db6 100644
--- a/config/config.sample.php
+++ b/config/config.sample.php
@@ -225,8 +225,8 @@
 'allow_user_to_change_display_name' => true,
 
 /**
- * Lifetime of the remember login cookie, which is set when the user clicks
- * the ``remember`` checkbox on the login screen.
+ * Lifetime of the remember login cookie. This should be larger than the
+ * session_lifetime. If it is set to 0 remember me is disabled.
  *
  * Defaults to ``60*60*24*15`` seconds (15 days)
  */
diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
index c30206ff3d56b..0eb4cda7b28b6 100644
--- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php
@@ -321,7 +321,14 @@ public function tryLogin($user, $password, $redirect_url, $remember_login = true
 		// TODO: remove password checks from above and let the user session handle failures
 		// requires https://github.com/owncloud/core/pull/24616
 		$this->userSession->completeLogin($loginResult, ['loginName' => $user, 'password' => $password]);
-		$this->userSession->createSessionToken($this->request, $loginResult->getUID(), $user, $password, IToken::REMEMBER);
+
+		$tokenType = IToken::REMEMBER;
+		if ((int)$this->config->getSystemValue('remember_login_cookie_lifetime', 60*60*24*15) === 0) {
+			$remember_login = false;
+			$tokenType = IToken::DO_NOT_REMEMBER;
+		}
+
+		$this->userSession->createSessionToken($this->request, $loginResult->getUID(), $user, $password, $tokenType);
 
 		// User has successfully logged in, now remove the password reset link, when it is available
 		$this->config->deleteUserValue($loginResult->getUID(), 'core', 'lostpassword');
diff --git a/tests/Core/Controller/LoginControllerTest.php b/tests/Core/Controller/LoginControllerTest.php
index f2e8d112b64e5..815a73da66835 100644
--- a/tests/Core/Controller/LoginControllerTest.php
+++ b/tests/Core/Controller/LoginControllerTest.php
@@ -441,6 +441,10 @@ public function testLoginWithValidCredentials() {
 		$this->config->expects($this->once())
 			->method('setUserValue')
 			->with('uid', 'core', 'timezone', 'Europe/Berlin');
+		$this->config
+			->method('getSystemValue')
+			->with('remember_login_cookie_lifetime')
+			->willReturn(1234);
 		$this->userSession->expects($this->never())
 			->method('createRememberMeToken');
 
@@ -485,6 +489,10 @@ public function testLoginWithValidCredentialsAndRememberMe() {
 		$this->config->expects($this->once())
 			->method('deleteUserValue')
 			->with('uid', 'core', 'lostpassword');
+		$this->config
+			->method('getSystemValue')
+			->with('remember_login_cookie_lifetime')
+			->willReturn(1234);
 		$this->userSession->expects($this->once())
 			->method('createRememberMeToken')
 			->with($user);
@@ -545,6 +553,10 @@ public function testLoginWithoutPassedCsrfCheckAndLoggedIn() {
 			->method('deleteUserValue');
 		$this->userSession->expects($this->never())
 			->method('createRememberMeToken');
+		$this->config
+			->method('getSystemValue')
+			->with('remember_login_cookie_lifetime')
+			->willReturn(1234);
 
 		$expected = new \OCP\AppFramework\Http\RedirectResponse($redirectUrl);
 		$this->assertEquals($expected, $this->loginController->tryLogin('Jane', $password, $originalUrl));
@@ -582,6 +594,10 @@ public function testLoginWithValidCredentialsAndRedirectUrl() {
 		$this->config->expects($this->once())
 			->method('deleteUserValue')
 			->with('jane', 'core', 'lostpassword');
+		$this->config
+			->method('getSystemValue')
+			->with('remember_login_cookie_lifetime')
+			->willReturn(1234);
 
 		$expected = new \OCP\AppFramework\Http\RedirectResponse(urldecode($redirectUrl));
 		$this->assertEquals($expected, $this->loginController->tryLogin('Jane', $password, $originalUrl));
@@ -634,6 +650,10 @@ public function testLoginWithOneTwoFactorProvider() {
 		$this->config->expects($this->once())
 			->method('deleteUserValue')
 			->with('john', 'core', 'lostpassword');
+		$this->config
+			->method('getSystemValue')
+			->with('remember_login_cookie_lifetime')
+			->willReturn(1234);
 		$this->userSession->expects($this->never())
 			->method('createRememberMeToken');
 
@@ -686,6 +706,10 @@ public function testLoginWithMultipleTwoFactorProviders() {
 		$this->config->expects($this->once())
 			->method('deleteUserValue')
 			->with('john', 'core', 'lostpassword');
+		$this->config
+			->method('getSystemValue')
+			->with('remember_login_cookie_lifetime')
+			->willReturn(1234);
 		$this->userSession->expects($this->never())
 			->method('createRememberMeToken');