diff --git a/core/modules/user/config/install/user.mail.yml b/core/modules/user/config/install/user.mail.yml
index f8e41ce..2484958 100644
--- a/core/modules/user/config/install/user.mail.yml
+++ b/core/modules/user/config/install/user.mail.yml
@@ -1,3 +1,8 @@
+register_password_set:
+  body: "[user:name],\n\nThank you for registering at [site:name]. You may now log in and verify your account by clicking this link or copying and pasting it to your browser:\n\n[user:one-time-login-url]\n\nThis link can only be used once. You will be able to log in at [site:login-url] in the future using:\n\nusername: [user:name]\npassword: Your password\n\n--  [site:name] team"
+  subject: 'Account details for [user:name] at [site:name]'
+register_password_set_activation:
+  body: "[user:name],\n\nYour account at [site:name] has been activated.\n\nYou will be able to log in to [site:login-url] in the future using:\n\nusername: [user:name]\npassword: your password.\n\n--  [site:name] team"
 cancel_confirm:
   body: "[user:display-name],\n\nA request to cancel your account has been made at [site:name].\n\nYou may now cancel your account on [site:url-brief] by clicking this link or copying and pasting it into your browser:\n\n[user:cancel-url]\n\nNOTE: The cancellation of your account is not reversible.\n\nThis link expires in one day and nothing will happen if it is not used.\n\n--  [site:name] team"
   subject: 'Account cancellation request for [user:display-name] at [site:name]'
diff --git a/core/modules/user/config/install/user.settings.yml b/core/modules/user/config/install/user.settings.yml
index 8372ccd..e62b62f 100644
--- a/core/modules/user/config/install/user.settings.yml
+++ b/core/modules/user/config/install/user.settings.yml
@@ -1,5 +1,6 @@
 anonymous: Anonymous
 verify_mail: true
+password_register: false
 notify:
   cancel_confirm: true
   password_reset: true
diff --git a/core/modules/user/config/schema/user.schema.yml b/core/modules/user/config/schema/user.schema.yml
index 627d8a6..fe075ff 100644
--- a/core/modules/user/config/schema/user.schema.yml
+++ b/core/modules/user/config/schema/user.schema.yml
@@ -10,6 +10,9 @@ user.settings:
     verify_mail:
       type: boolean
       label: 'Require email verification when a visitor creates an account'
+    password_register:
+      type: boolean
+      label: 'Require people to choose a password during registration.'
     notify:
       type: mapping
       label: 'Notify user'
@@ -67,6 +70,12 @@ user.mail:
   register_no_approval_required:
     type: mail
     label: 'Registration confirmation (No approval required)'
+  register_password_set:
+    type: mail
+    label: 'Registration with password confirmation (No approval required)'
+  register_password_set_activation:
+    type: mail
+    label: 'Registration with password activation'
   register_pending_approval:
     type: mail
     label: 'Registration confirmation (Pending approval)'
diff --git a/core/modules/user/src/AccountForm.php b/core/modules/user/src/AccountForm.php
index 8b0149e..df1dd94 100644
--- a/core/modules/user/src/AccountForm.php
+++ b/core/modules/user/src/AccountForm.php
@@ -158,7 +158,9 @@ public function form(array $form, FormStateInterface $form_state) {
         }
       }
     }
-    elseif (!$config->get('verify_mail') || $admin) {
+    // Show the password fields on registration when verify_mail is false,
+    // or verify_mail & password_register are set or the user is an admin.
+    elseif (!$config->get('verify_mail') || ($config->get('verify_mail') && $config->get('password_register')) || $admin) {
       $form['account']['pass'] = array(
         '#type' => 'password_confirm',
         '#size' => 25,
diff --git a/core/modules/user/src/AccountSettingsForm.php b/core/modules/user/src/AccountSettingsForm.php
index e714884..7a45010 100644
--- a/core/modules/user/src/AccountSettingsForm.php
+++ b/core/modules/user/src/AccountSettingsForm.php
@@ -165,6 +165,22 @@ public function buildForm(array $form, FormStateInterface $form_state) {
       '#default_value' => $config->get('verify_mail'),
       '#description' => $this->t('New users will be required to validate their email address prior to logging into the site, and will be assigned a system-generated password. With this setting disabled, users will be logged in immediately upon registering, and may select their own passwords during registration.')
     );
+    $form['registration_cancellation']['user_password_register'] = array(
+      '#type' => 'checkbox',
+      '#title' => t('Require people to choose a password during registration.'),
+      '#description' => t('If <em>Require e-mail verification</em> is disabled, this setting is automatically enabled.'),
+      '#default_value' => $config->get('password_register'),
+      '#states' => array(
+        // Disable this option if email_verification is unchecked.
+        'disabled' => array(
+        'input[name="user_email_verification"]' => array('checked' => FALSE),
+        ),
+        // Enable this option if email_verification is checked.
+        'enabled' => array(
+        'input[name="user_email_verification"]' => array('checked' => TRUE),
+        ),
+      )
+    );
     $form['registration_cancellation']['user_password_strength'] = array(
       '#type' => 'checkbox',
       '#title' => $this->t('Enable password strength indicator'),
@@ -283,6 +299,45 @@ public function buildForm(array $form, FormStateInterface $form_state) {
       '#rows' => 15,
     );
 
+    $form['email_password_set_activation'] = array(
+      '#type' => 'details',
+      '#title' => t('Welcome (password set at registration)'),
+      '#collapsed' => TRUE,
+      '#description' => t('Edit the welcome e-mail messages sent to new members upon registering, when no administrator approval is required and password has already been set.') . ' ' . $email_token_help,
+      '#group' => 'email',
+    );
+    $form['email_password_set_activation']['user_mail_register_password_set_activation_subject'] = array(
+      '#type' => 'textfield',
+      '#title' => t('Subject'),
+      '#default_value' => $mail_config->get('register_password_set_activation.subject'),
+      '#maxlength' => 180,
+    );
+    $form['email_password_set_activation']['user_mail_register_password_set_activation_body'] = array(
+      '#type' => 'textarea',
+      '#title' => t('Body'),
+      '#default_value' => $mail_config->get('register_password_set_activation.body'),
+      '#rows' => 15,
+    );
+    $form['email_password_set'] = array(
+      '#type' => 'details',
+      '#title' => t('Account activation (password set at registration)'),
+      '#collapsed' => TRUE,
+      '#description' => t('Edit the activation e-mail messages sent to new members upon registering, when no administrator approval is required and password has already been set during registration.') . ' ' . $email_token_help,
+      '#group' => 'email',
+    );
+    $form['email_password_set']['user_mail_register_password_set_subject'] = array(
+      '#type' => 'textfield',
+      '#title' => t('Subject'),
+      '#default_value' => $mail_config->get('register_password_set.subject'),
+      '#maxlength' => 180,
+    );
+    $form['email_password_set']['user_mail_register_password_set_body'] = array(
+      '#type' => 'textarea',
+      '#title' => t('Body'),
+      '#default_value' => $mail_config->get('register_password_set.body'),
+      '#rows' => 15,
+    );
+
     $form['email_password_reset'] = array(
       '#type' => 'details',
       '#title' => $this->t('Password recovery'),
@@ -435,6 +490,7 @@ public function submitForm(array &$form, FormStateInterface $form_state) {
       ->set('register', $form_state->getValue('user_register'))
       ->set('password_strength', $form_state->getValue('user_password_strength'))
       ->set('verify_mail', $form_state->getValue('user_email_verification'))
+      ->set('password_register', $form_state->getValue('user_password_register'))
       ->set('cancel_method', $form_state->getValue('user_cancel_method'))
       ->set('notify.status_activated', $form_state->getValue('user_mail_status_activated_notify'))
       ->set('notify.status_blocked', $form_state->getValue('user_mail_status_blocked_notify'))
@@ -449,6 +505,10 @@ public function submitForm(array &$form, FormStateInterface $form_state) {
       ->set('register_admin_created.subject', $form_state->getValue('user_mail_register_admin_created_subject'))
       ->set('register_no_approval_required.body', $form_state->getValue('user_mail_register_no_approval_required_body'))
       ->set('register_no_approval_required.subject', $form_state->getValue('user_mail_register_no_approval_required_subject'))
+      ->set('register_password_set_activation.body', $form_state->getValue('user_mail_register_password_set_activation_body'))
+      ->set('register_password_set_activation.subject', $form_state->getValue('user_mail_register_password_set_activation_subject'))
+      ->set('register_password_set.body', $form_state->getValue('user_mail_register_password_set_body'))
+      ->set('register_password_set.subject', $form_state->getValue('user_mail_register_password_set_subject'))
       ->set('register_pending_approval.body', $form_state->getValue('user_mail_register_pending_approval_body'))
       ->set('register_pending_approval.subject', $form_state->getValue('user_mail_register_pending_approval_subject'))
       ->set('register_pending_approval_admin.body', $form_state->getValue('register_pending_approval_admin_body'))
diff --git a/core/modules/user/src/Entity/User.php b/core/modules/user/src/Entity/User.php
index 1dcdefb..0e8c839 100644
--- a/core/modules/user/src/Entity/User.php
+++ b/core/modules/user/src/Entity/User.php
@@ -126,6 +126,16 @@ public function postSave(EntityStorageInterface $storage, $update = TRUE) {
       if ($this->status->value != $this->original->status->value) {
         // The user's status is changing; conditionally send notification email.
         $op = $this->status->value == 1 ? 'status_activated' : 'status_blocked';
+
+        // Send the password_set activation e-mail to the user
+        // if the account never signed in and if we are
+        // called from the user_register_form and password_register
+        // is set to enabled.
+        if (!$this->login->value && \Drupal::config('user.settings')->get('password_register') && !$this->original->status->value && $this->status->value) {
+          $op = 'register_password_set_activation';
+        }
+
+        // Notify the user.
         _user_mail_notify($op, $this);
       }
     }
diff --git a/core/modules/user/src/RegisterForm.php b/core/modules/user/src/RegisterForm.php
index d24a4b4..a70ca18 100644
--- a/core/modules/user/src/RegisterForm.php
+++ b/core/modules/user/src/RegisterForm.php
@@ -75,15 +75,23 @@ protected function actions(array $form, FormStateInterface $form_state) {
    * {@inheritdoc}
    */
   public function submitForm(array &$form, FormStateInterface $form_state) {
+    $config = \Drupal::config('user.settings');
     $admin = $form_state->getValue('administer_users');
 
-    if (!\Drupal::config('user.settings')->get('verify_mail') || $admin) {
+    if (!$config->get('verify_mail') || ($config->get('verify_mail') && $config->get('password_register')) || $admin) {
       $pass = $form_state->getValue('pass');
     }
     else {
       $pass = user_password();
     }
 
+    // If we are not an admin and we try to register and password_register
+    // is set, make sure the status is set to disabled before we save
+    // the newly created account.
+    if ($config->get('verify_mail') && $config->get('password_register') && !$form_state->getValue('uid') && !$admin) {
+      $form_state->setValue('status', 0);
+    }
+
     // Remove unneeded values.
     $form_state->cleanValues();
 
@@ -97,6 +105,7 @@ public function submitForm(array &$form, FormStateInterface $form_state) {
    * {@inheritdoc}
    */
   public function save(array $form, FormStateInterface $form_state) {
+    $config = \Drupal::config('user.settings');
     $account = $this->entity;
     $pass = $account->getPassword();
     $admin = $form_state->getValue('administer_users');
@@ -118,11 +127,20 @@ public function save(array $form, FormStateInterface $form_state) {
     if ($admin && !$notify) {
       drupal_set_message($this->t('Created a new user account for <a href=":url">%name</a>. No email has been sent.', array(':url' => $account->url(), '%name' => $account->getUsername())));
     }
+    // E-mail verification enabled, but users set a password during registration.
+    elseif (!$admin && $config->get('register') == USER_REGISTER_VISITORS && $config->get('password_register') && !$account->isActive()) {
+      // Notify the user.
+      _user_mail_notify('register_password_set', $account);
+
+      drupal_set_message($this->t('A welcome message with further instructions has been sent to your email address.'));
+      $form_state->setRedirect('<front>');
+    }
     // No email verification required; log in user immediately.
-    elseif (!$admin && !\Drupal::config('user.settings')->get('verify_mail') && $account->isActive()) {
+    elseif (!$admin && !$config->get('verify_mail') && $account->isActive()) {
       _user_mail_notify('register_no_approval_required', $account);
       user_login_finalize($account);
       drupal_set_message($this->t('Registration successful. You are now logged in.'));
+
       $form_state->setRedirect('<front>');
     }
     // No administrator approval required.
diff --git a/core/modules/user/src/Tests/UserRegistrationTest.php b/core/modules/user/src/Tests/UserRegistrationTest.php
index 1e16bc7..dd2a7f1 100644
--- a/core/modules/user/src/Tests/UserRegistrationTest.php
+++ b/core/modules/user/src/Tests/UserRegistrationTest.php
@@ -128,6 +128,49 @@ function testRegistrationWithoutEmailVerification() {
     $this->assertText(t('Member for'), 'User can log in after administrator approval.');
   }
 
+  function testRegistrationWithPasswordSet() {
+    // Require e-mail verification, but let's users choose a password during registration
+    // and allow registration by site visitors without administrator approval.
+    $this->config('user.settings')
+      ->set('verify_mail', TRUE)
+      ->set('register', USER_REGISTER_VISITORS)
+      ->set('password_register', TRUE)
+      ->save();
+
+    $edit = array();
+    $edit['name'] = $name = $this->randomMachineName();
+    $edit['mail'] = $mail = $edit['name'] . '@example.com';
+    $edit['pass[pass1]'] = $new_pass = $this->randomMachineName();
+    $edit['pass[pass2]'] = $new_pass;
+
+    // Create a new user.
+    $this->drupalPostForm('user/register', $edit, t('Create new account'));
+    $this->assertText(t('A welcome message with further instructions has been sent to your email address.'), 'Send e-mail to user after registering.');
+
+    // Make sure the user is still blocked.
+    $this->container->get('entity.manager')->getStorage('user')->resetCache();
+    $accounts = entity_load_multiple_by_properties('user', array('name' => $name, 'mail' => $mail));
+    $new_user = reset($accounts);
+    $this->assertFalse($new_user->status->value, t('New account is blocked until approved via e-mail confirmation.'));
+
+    // Try to login before activating the account via e-mail.
+    $edit2 = array();
+    $edit2['name'] = $name;
+    $edit2['pass'] = $new_pass;
+    $this->drupalPostForm('user/login', $edit2, t('Log in'));
+    $this->assertRaw(t('The username %name has not been activated or is blocked.', array('%name' => $name)), t('User cannot login yet.'));
+
+    // Try to activate the user.
+    $_emails = $this->drupalGetMails();
+    $email = end($_emails);
+    $one_time_link = array();
+    preg_match('@user/reset/[0-9]+/([0-9]+)/([a-zA-Z0-9_\-]+)\n@', $email['body'], $one_time_link);
+
+    $_uid = $new_user->id();
+    $this->drupalGet("user/reset/$_uid/$one_time_link[1]/$one_time_link[2]");
+    $this->assertText(t('You have just used your one-time login link. Your account is now active.'), t('User account activated.'));
+  }
+
   function testRegistrationEmailDuplicates() {
     // Don't require email verification and allow registration by site visitors
     // without administrator approval.
diff --git a/core/modules/user/user.module b/core/modules/user/user.module
index 3d76074..2dc4bd3 100644
--- a/core/modules/user/user.module
+++ b/core/modules/user/user.module
@@ -1175,6 +1175,8 @@ function user_role_revoke_permissions($rid, array $permissions = array()) {
  *     self-registers.
  *   - 'register_pending_approval': Welcome message, user pending admin
  *     approval.
+ *   - 'register_password_set': Welcome message, password set.
+ *   - 'register_password_set_activation': Activation message, password set.
  *   - 'password_reset': Password recovery request.
  *   - 'status_activated': Account activated.
  *   - 'status_blocked': Account blocked.