diff --git a/core/modules/user/lib/Drupal/user/Access/AnonymousAccessCheck.php b/core/modules/user/lib/Drupal/user/Access/AnonymousAccessCheck.php
new file mode 100644
index 0000000..d537ff0
--- /dev/null
+++ b/core/modules/user/lib/Drupal/user/Access/AnonymousAccessCheck.php
@@ -0,0 +1,27 @@
+<?php
+
+/**
+ * @file
+ * Contains \Drupal\user\Access\AnonymousAccessCheck.
+ */
+
+namespace Drupal\user\Access;
+
+use Drupal\Core\Routing\Access\AccessInterface;
+use Drupal\Core\Session\AccountInterface;
+use Symfony\Component\Routing\Route;
+use Symfony\Component\HttpFoundation\Request;
+
+/**
+ * Determines access to routes based on login status of current user.
+ */
+class AnonymousAccessCheck implements AccessInterface {
+
+  /**
+   * {@inheritdoc}
+   */
+  public function access(Route $route, Request $request, AccountInterface $account) {
+    return ($account->isAnonymous()) ? static::ALLOW : static::DENY;
+  }
+
+}
diff --git a/core/modules/user/user.routing.yml b/core/modules/user/user.routing.yml
index 55c57d1..05c8f3c 100644
--- a/core/modules/user/user.routing.yml
+++ b/core/modules/user/user.routing.yml
@@ -145,7 +145,7 @@ user.login:
     _form: '\Drupal\user\Form\UserLoginForm'
     _title: 'Log in'
   requirements:
-    _access: 'TRUE'
+    _user_is_anonymous: 'TRUE'
 
 user.edit:
   path: '/user/{user}/edit'
diff --git a/core/modules/user/user.services.yml b/core/modules/user/user.services.yml
index 03bb4c2..127ff01 100644
--- a/core/modules/user/user.services.yml
+++ b/core/modules/user/user.services.yml
@@ -15,6 +15,10 @@ services:
     class: Drupal\user\Access\LoginStatusCheck
     tags:
       - { name: access_check, applies_to: _user_is_logged_in }
+  access_check.user.anonymous:
+    class: Drupal\user\Access\AnonymousAccessCheck
+    tags:
+      - { name: access_check, applies_to: _user_is_anonymous }
   cache_context.user:
     class: Drupal\user\Cache\UserCacheContext
     arguments: ['@current_user']