diff --git a/core/modules/simpletest/src/WebTestBase.php b/core/modules/simpletest/src/WebTestBase.php
index 98f68fc..2596212 100644
--- a/core/modules/simpletest/src/WebTestBase.php
+++ b/core/modules/simpletest/src/WebTestBase.php
@@ -527,7 +527,7 @@ protected function drupalCreateUser(array $permissions = array(), $name = NULL)
 
     // Create a user assigned to that role.
     $edit = array();
-    $edit['name']   = !empty($name) ? $name : $this->randomMachineName();
+    $edit['name']   = !empty($name) ? $name : $this->getRandomGenerator()->string(8, TRUE, array('\Drupal\user\Plugin\Validation\Constraint\UserNameConstraintValidator', 'validCharacters'));
     $edit['mail']   = $edit['name'] . '@example.com';
     $edit['pass']   = user_password();
     $edit['status'] = 1;
diff --git a/core/modules/system/src/Tests/Path/UrlAlterFunctionalTest.php b/core/modules/system/src/Tests/Path/UrlAlterFunctionalTest.php
index 7f64ddb..baca1da 100644
--- a/core/modules/system/src/Tests/Path/UrlAlterFunctionalTest.php
+++ b/core/modules/system/src/Tests/Path/UrlAlterFunctionalTest.php
@@ -36,7 +36,7 @@ function testUrlAlter() {
     // Test a single altered path.
     $this->drupalGet("user/$name");
     $this->assertResponse('200', 'The user/username path gets resolved correctly');
-    $this->assertUrlOutboundAlter("user/$uid", "user/$name");
+    $this->assertUrlOutboundAlter("user/$uid", "user/" . urlencode($name));
 
     // Test that a path always uses its alias.
     $path = array('source' => "user/$uid/test1", 'alias' => 'alias/test1');
diff --git a/core/modules/user/src/Plugin/Validation/Constraint/UserNameConstraintValidator.php b/core/modules/user/src/Plugin/Validation/Constraint/UserNameConstraintValidator.php
index 5b788ca..0d99486 100644
--- a/core/modules/user/src/Plugin/Validation/Constraint/UserNameConstraintValidator.php
+++ b/core/modules/user/src/Plugin/Validation/Constraint/UserNameConstraintValidator.php
@@ -33,23 +33,49 @@ public function validate($items, Constraint $constraint) {
     if (strpos($name, '  ') !== FALSE) {
       $this->context->addViolation($constraint->multipleSpacesMessage);
     }
-    if (preg_match('/[^\x{80}-\x{F7} a-z0-9@_.\'-]/i', $name)
-      || preg_match(
-        '/[\x{80}-\x{A0}' .       // Non-printable ISO-8859-1 + NBSP
-        '\x{AD}' .                // Soft-hyphen
-        '\x{2000}-\x{200F}' .     // Various space characters
-        '\x{2028}-\x{202F}' .     // Bidirectional text overrides
-        '\x{205F}-\x{206F}' .     // Various text hinting characters
-        '\x{FEFF}' .              // Byte order mark
-        '\x{FF01}-\x{FF60}' .     // Full-width latin
-        '\x{FFF9}-\x{FFFD}' .     // Replacement characters
-        '\x{0}-\x{1F}]/u',        // NULL byte and control characters
-        $name)
-    ) {
+    if (static::hasIllegalCharacters($name)) {
       $this->context->addViolation($constraint->illegalMessage);
     }
     if (drupal_strlen($name) > USERNAME_MAX_LENGTH) {
       $this->context->addViolation($constraint->tooLongMessage, array('%name' => $name, '%max' => USERNAME_MAX_LENGTH));
     }
   }
+
+  /**
+   * Checks if the username has illegal characters.
+   *
+   * @param string $name
+   *   The username to check.
+   *
+   * @return bool
+   *   TRUE if the username has illegal characters, FALSE if not.
+   */
+  public static function hasIllegalCharacters($name) {
+    return preg_match('/[^\x{80}-\x{F7} a-z0-9@+_.\'-]/i', $name)
+    || preg_match(
+      '/[\x{80}-\x{A0}' .       // Non-printable ISO-8859-1 + NBSP
+      '\x{AD}' .                // Soft-hyphen
+      '\x{2000}-\x{200F}' .     // Various space characters
+      '\x{2028}-\x{202F}' .     // Bidirectional text overrides
+      '\x{205F}-\x{206F}' .     // Various text hinting characters
+      '\x{FEFF}' .              // Byte order mark
+      '\x{FF01}-\x{FF60}' .     // Full-width latin
+      '\x{FFF9}-\x{FFFD}' .     // Replacement characters
+      '\x{0}-\x{1F}]/u',        // NULL byte and control characters
+      $name);
+  }
+
+  /**
+   * Checks if the username has only valid characters.
+   *
+   * @param string $name
+   *   The username to check.
+   *
+   * @return bool
+   *   TRUE if the username has only valid characters, FALSE if not.
+   */
+  public static function validCharacters($name) {
+    return !static::hasIllegalCharacters($name);
+  }
+
 }
diff --git a/core/modules/user/src/Tests/UserValidationTest.php b/core/modules/user/src/Tests/UserValidationTest.php
index 81a9e48..9d68578 100644
--- a/core/modules/user/src/Tests/UserValidationTest.php
+++ b/core/modules/user/src/Tests/UserValidationTest.php
@@ -53,6 +53,7 @@ function testUsernames() {
       'foo@example.com'        => array('Valid username', 'assertNull'),
       'foo@-example.com'       => array('Valid username', 'assertNull'), // invalid domains are allowed in usernames
       'þòøÇßªř€'               => array('Valid username', 'assertNull'),
+      'foo+bar'                => array('Valid username', 'assertNull'), // '+' symbol is allowed
       'ᚠᛇᚻ᛫ᛒᛦᚦ'                => array('Valid UTF8 username', 'assertNull'), // runes
       ' foo'                   => array('Invalid username that starts with a space', 'assertNotNull'),
       'foo '                   => array('Invalid username that ends with a space', 'assertNotNull'),