only in patch2:
unchanged:
--- a/core/lib/Drupal/Core/Field/Plugin/Field/FieldType/PasswordItem.php
+++ b/core/lib/Drupal/Core/Field/Plugin/Field/FieldType/PasswordItem.php
@@ -48,7 +48,12 @@ public function preSave() {
     }
     elseif ($entity->isNew() || (strlen(trim($this->value)) > 0 && $this->value != $entity->original->{$this->getFieldDefinition()->getName()}->value)) {
       // Allow alternate password hashing schemes.
-      $this->value = \Drupal::service('password')->hash(trim($this->value));
+      if (\Drupal::config('user.settings')->get('password_trim_spaces')) {
+        $this->value = \Drupal::service('password')->hash(trim($this->value));
+      }
+      else {
+        $this->value = \Drupal::service('password')->hash($this->value);
+      }
       // Abort if the hashing failed and returned FALSE.
       if (!$this->value) {
         throw new EntityMalformedException('The entity does not have a password.');
only in patch2:
unchanged:
--- a/core/lib/Drupal/Core/Render/Element/PasswordConfirm.php
+++ b/core/lib/Drupal/Core/Render/Element/PasswordConfirm.php
@@ -104,8 +104,14 @@ public static function processPasswordConfirm(&$element, FormStateInterface $for
    * Validates a password_confirm element.
    */
   public static function validatePasswordConfirm(&$element, FormStateInterface $form_state, &$complete_form) {
-    $pass1 = trim($element['pass1']['#value']);
-    $pass2 = trim($element['pass2']['#value']);
+    if (\Drupal::config('user.settings')->get('password_trim_spaces')) {
+      $pass1 = trim($element['pass1']['#value']);
+      $pass2 = trim($element['pass2']['#value']);
+    }
+    else {
+      $pass1 = $element['pass1']['#value'];
+      $pass2 = $element['pass2']['#value'];
+    }
     if (strlen($pass1) > 0 || strlen($pass2) > 0) {
       if (strcmp($pass1, $pass2)) {
         $form_state->setError($element, t('The specified passwords do not match.'));