diff --git a/core/modules/user/lib/Drupal/user/AccountFormController.php b/core/modules/user/lib/Drupal/user/AccountFormController.php
index c40c695f930a5b6a743449079ace05ce900cb864..6002298576ba7b190a19d6550405763aacbc4dcc 100644
--- a/core/modules/user/lib/Drupal/user/AccountFormController.php
+++ b/core/modules/user/lib/Drupal/user/AccountFormController.php
@@ -9,6 +9,7 @@
 
 use Drupal\Core\Entity\ContentEntityFormController;
 use Drupal\Core\Entity\EntityManagerInterface;
+use Drupal\Core\Entity\Query\QueryFactory;
 use Drupal\Core\Language\Language;
 use Drupal\Core\Language\LanguageManagerInterface;
 use Drupal\language\ConfigurableLanguageManagerInterface;
@@ -28,6 +29,13 @@ abstract class AccountFormController extends ContentEntityFormController {
    */
   protected $languageManager;
 
+  /**
+   * The entity query factory service.
+   *
+   * @var \Drupal\Core\Entity\Query\QueryFactory
+   */
+  protected $entityQuery;
+
   /**
    * Constructs a new EntityFormController object.
    *
@@ -35,10 +43,13 @@ abstract class AccountFormController extends ContentEntityFormController {
    *   The entity manager.
    * @param \Drupal\Core\Language\LanguageManagerInterface $language_manager
    *   The language manager.
+   * @param \Drupal\Core\Entity\Query\QueryFactory
+   *   The entity query factory.
    */
-  public function __construct(EntityManagerInterface $entity_manager, LanguageManagerInterface $language_manager) {
+  public function __construct(EntityManagerInterface $entity_manager, LanguageManagerInterface $language_manager, QueryFactory $entity_query) {
     parent::__construct($entity_manager);
     $this->languageManager = $language_manager;
+    $this->entityQuery = $entity_query;
   }
 
   /**
@@ -47,7 +58,8 @@ public function __construct(EntityManagerInterface $entity_manager, LanguageMana
   public static function create(ContainerInterface $container) {
     return new static(
       $container->get('entity.manager'),
-      $container->get('language_manager')
+      $container->get('language_manager'),
+      $container->get('entity.query')
     );
   }
 
@@ -304,13 +316,12 @@ public function validate(array $form, array &$form_state) {
       // Cast the user ID as an integer. It might have been set to NULL, which
       // could lead to unexpected results.
       else {
-        $name_taken = (bool) db_select('users')
-        ->fields('users', array('uid'))
-        ->condition('uid', (int) $account->id(), '<>')
-        ->condition('name', db_like($form_state['values']['name']), 'LIKE')
-        ->range(0, 1)
-        ->execute()
-        ->fetchField();
+        $name_taken = (bool) $this->entityQuery->get('user')
+          ->condition('uid', (int) $account->id(), '<>')
+          ->condition('name', $form_state['values']['name'])
+          ->range(0, 1)
+          ->count()
+          ->execute();
 
         if ($name_taken) {
           $this->setFormError('name', $form_state, $this->t('The name %name is already taken.', array('%name' => $form_state['values']['name'])));
@@ -321,13 +332,12 @@ public function validate(array $form, array &$form_state) {
     $mail = $form_state['values']['mail'];
 
     if (!empty($mail)) {
-      $mail_taken = (bool) db_select('users')
-      ->fields('users', array('uid'))
-      ->condition('uid', (int) $account->id(), '<>')
-      ->condition('mail', db_like($mail), 'LIKE')
-      ->range(0, 1)
-      ->execute()
-      ->fetchField();
+      $mail_taken = (bool) $this->entityQuery->get('user')
+        ->condition('uid', (int) $account->id(), '<>')
+        ->condition('mail', $mail)
+        ->range(0, 1)
+        ->count()
+        ->execute();
 
       if ($mail_taken) {
         // Format error message dependent on whether the user is logged in or not.
diff --git a/core/modules/user/lib/Drupal/user/Plugin/Validation/Constraint/UserUniqueValidator.php b/core/modules/user/lib/Drupal/user/Plugin/Validation/Constraint/UserUniqueValidator.php
index 945223f445057d5ec57821ab738ac6c7f407e4c0..f169cae5d8b51f7de761008e1c04cdd42c9f8ba9 100644
--- a/core/modules/user/lib/Drupal/user/Plugin/Validation/Constraint/UserUniqueValidator.php
+++ b/core/modules/user/lib/Drupal/user/Plugin/Validation/Constraint/UserUniqueValidator.php
@@ -22,14 +22,13 @@ public function validate($value, Constraint $constraint) {
     $field = $this->context->getMetadata()->getTypedData()->getParent();
     $uid = $field->getParent()->id();
 
-    $value_taken = (bool) db_select('users')
-      ->fields('users', array('uid'))
+    $value_taken = (bool) \Drupal::entityQuery('user')
       // The UID could be NULL, so we cast it to 0 in that case.
       ->condition('uid', (int) $uid, '<>')
-      ->condition($field->getName(), db_like($value), 'LIKE')
+      ->condition($field->getName(), $value)
       ->range(0, 1)
-      ->execute()
-      ->fetchField();
+      ->count()
+      ->execute();
 
     if ($value_taken) {
       $this->context->addViolation($constraint->message, array("%value" => $value));
diff --git a/core/modules/user/lib/Drupal/user/ProfileFormController.php b/core/modules/user/lib/Drupal/user/ProfileFormController.php
index 3c36981a827713e51defe6467c4609dd5bd348bd..325f02ba2793a0645da8c4d65e71e10d8f6a43e7 100644
--- a/core/modules/user/lib/Drupal/user/ProfileFormController.php
+++ b/core/modules/user/lib/Drupal/user/ProfileFormController.php
@@ -8,14 +8,22 @@
 namespace Drupal\user;
 
 use Drupal\Core\Cache\Cache;
-use Symfony\Component\HttpFoundation\Request;
-use Symfony\Component\DependencyInjection\ContainerInterface;
+use Drupal\Core\Entity\EntityManagerInterface;
+use Drupal\Core\Entity\Query\QueryFactory;
+use Drupal\Core\Language\LanguageManager;
 
 /**
  * Form controller for the profile forms.
  */
 class ProfileFormController extends AccountFormController {
 
+  /**
+   * {@inheritdoc}
+   */
+  public function __construct(EntityManagerInterface $entity_manager, LanguageManager $language_manager, QueryFactory $entity_query) {
+    parent::__construct($entity_manager, $language_manager, $entity_query);
+  }
+
   /**
    * {@inheritdoc}
    */
diff --git a/core/modules/user/lib/Drupal/user/RegisterFormController.php b/core/modules/user/lib/Drupal/user/RegisterFormController.php
index 9062eb456ee33232fd8ed196e99118760133f686..d1e7e71271306429806a9f388042b93d82f518c9 100644
--- a/core/modules/user/lib/Drupal/user/RegisterFormController.php
+++ b/core/modules/user/lib/Drupal/user/RegisterFormController.php
@@ -7,6 +7,9 @@
 
 namespace Drupal\user;
 
+use Drupal\Core\Entity\EntityManagerInterface;
+use Drupal\Core\Entity\Query\QueryFactory;
+use Drupal\Core\Language\LanguageManager;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 
 /**
@@ -14,6 +17,13 @@
  */
 class RegisterFormController extends AccountFormController {
 
+  /**
+   * {@inheritdoc}
+   */
+  public function __construct(EntityManagerInterface $entity_manager, LanguageManager $language_manager, QueryFactory $entity_query) {
+    parent::__construct($entity_manager, $language_manager, $entity_query);
+  }
+
   /**
    * Overrides Drupal\Core\Entity\EntityFormController::form().
    */
diff --git a/core/modules/user/lib/Drupal/user/UserAutocomplete.php b/core/modules/user/lib/Drupal/user/UserAutocomplete.php
index a7a20b29a2276e6d8aa7756fc1ef7885d4095a5c..16c31d6e6a14f55d0106f8917916e50d99424e4d 100644
--- a/core/modules/user/lib/Drupal/user/UserAutocomplete.php
+++ b/core/modules/user/lib/Drupal/user/UserAutocomplete.php
@@ -10,6 +10,8 @@
 use Drupal\Component\Utility\String;
 use Drupal\Core\Config\ConfigFactory;
 use Drupal\Core\Database\Connection;
+use Drupal\Core\Entity\EntityManager;
+use Drupal\Core\Entity\Query\QueryFactory;
 
 /**
  * Defines a helper class to get user autocompletion results.
@@ -30,6 +32,20 @@ class UserAutocomplete {
    */
   protected $configFactory;
 
+  /**
+   * The entity query factory service.
+   *
+   * @var \Drupal\Core\Entity\Query\QueryFactory
+   */
+  protected $entityQuery;
+
+  /**
+   * The entity manager service.
+   *
+   * @var \Drupal\Core\Entity\EntityManager
+   */
+  protected $entityManager;
+
   /**
    * Constructs a UserAutocomplete object.
    *
@@ -38,9 +54,11 @@ class UserAutocomplete {
    * @param \Drupal\Core\Config\ConfigFactory $config_factory
    *   The config factory.
    */
-  public function __construct(Connection $connection, ConfigFactory $config_factory) {
+  public function __construct(Connection $connection, ConfigFactory $config_factory, EntityManager $entity_manager, QueryFactory $entity_query) {
     $this->connection = $connection;
     $this->configFactory = $config_factory;
+    $this->entityQuery = $entity_query;
+    $this->entityManager = $entity_manager;
   }
 
   /**
@@ -66,9 +84,14 @@ public function getMatches($string, $include_anonymous = FALSE) {
           $matches[] = array('value' => $anonymous_name, 'label' => String::checkPlain($anonymous_name));
         }
       }
-      $result = $this->connection->select('users')->fields('users', array('name'))->condition('name', db_like($string) . '%', 'LIKE')->range(0, 10)->execute();
-      foreach ($result as $account) {
-        $matches[] = array('value' => $account->name, 'label' => String::checkPlain($account->name));
+      $uids = $this->entityQuery->get('user')
+        ->condition('name', $string, 'STARTS_WITH')
+        ->range(0, 10)
+        ->execute();
+
+      $controller = $this->entityManager->getStorageController('user');
+      foreach ($controller->loadMultiple($uids) as $account) {
+        $matches[] = array('value' => $account->getUsername(), 'label' => String::checkPlain($account->getUsername()));
       }
     }
 
diff --git a/core/modules/user/lib/Drupal/user/UserStorageController.php b/core/modules/user/lib/Drupal/user/UserStorageController.php
index 69cfdbaf1d3d4671a0cef67167c750ee58b356cb..6093e7ed5e20225191841439393d911b0286b5d0 100644
--- a/core/modules/user/lib/Drupal/user/UserStorageController.php
+++ b/core/modules/user/lib/Drupal/user/UserStorageController.php
@@ -112,12 +112,12 @@ public function save(EntityInterface $entity) {
   /**
    * {@inheritdoc}
    */
-  public function saveRoles(EntityInterface $user) {
+  public function saveRoles(UserInterface $account) {
     $query = $this->database->insert('users_roles')->fields(array('uid', 'rid'));
-    foreach ($user->getRoles() as $rid) {
+    foreach ($account->getRoles() as $rid) {
       if (!in_array($rid, array(DRUPAL_ANONYMOUS_RID, DRUPAL_AUTHENTICATED_RID))) {
         $query->values(array(
-          'uid' => $user->id(),
+          'uid' => $account->id(),
           'rid' => $rid,
         ));
       }
@@ -129,7 +129,7 @@ public function saveRoles(EntityInterface $user) {
    * {@inheritdoc}
    */
   public function addRoles(array $users) {
-    $result = db_query('SELECT rid, uid FROM {users_roles} WHERE uid IN (:uids)', array(':uids' => array_keys($users)));
+    $result = $this->database->query('SELECT rid, uid FROM {users_roles} WHERE uid IN (:uids)', array(':uids' => array_keys($users)));
     foreach ($result as $record) {
       $users[$record->uid]->roles[] = $record->rid;
     }
@@ -144,4 +144,14 @@ public function deleteUserRoles(array $uids) {
       ->execute();
   }
 
+  /**
+   * {@inheritdoc}
+   */
+  public function updateLastLoginTimestamp(UserInterface $account) {
+    $this->database->update('users')
+      ->fields(array('login' => $account->getLastLoginTime()))
+      ->condition('uid', $account->id())
+      ->execute();
+  }
+
 }
diff --git a/core/modules/user/lib/Drupal/user/UserStorageControllerInterface.php b/core/modules/user/lib/Drupal/user/UserStorageControllerInterface.php
index 114a24c20f5e2f5295261071ba0364f6f12ee8bc..5718f93775fe7ae9fc4c65c454a368b3ad14df9f 100644
--- a/core/modules/user/lib/Drupal/user/UserStorageControllerInterface.php
+++ b/core/modules/user/lib/Drupal/user/UserStorageControllerInterface.php
@@ -25,9 +25,9 @@ public function addRoles(array $users);
   /**
    * Save the user's roles.
    *
-   * @param \Drupal\Core\Entity\EntityInterface $user
+   * @param \Drupal\user\UserInterface $account
    */
-  public function saveRoles(EntityInterface $user);
+  public function saveRoles(UserInterface $account);
 
   /**
    * Remove the roles of a user.
@@ -36,4 +36,10 @@ public function saveRoles(EntityInterface $user);
    */
   public function deleteUserRoles(array $uids);
 
+  /**
+   * Update the last login timestamp of the user.
+   *
+   * @param \Drupal\user\UserInterface $account
+   */
+  public function updateLastLoginTimestamp(UserInterface $account);
 }
diff --git a/core/modules/user/user.api.php b/core/modules/user/user.api.php
index cc18e9272655d7d945056e2a2bb62556443122ee..a79be87c7e8c558d9b5c5469f555b97896a6d83c 100644
--- a/core/modules/user/user.api.php
+++ b/core/modules/user/user.api.php
@@ -118,22 +118,18 @@ function hook_user_cancel($edit, $account, $method) {
     case 'user_cancel_block_unpublish':
       // Unpublish nodes (current revisions).
       module_load_include('inc', 'node', 'node.admin');
-      $nodes = db_select('node_field_data', 'n')
-        ->fields('n', array('nid'))
-        ->condition('uid', $account->id())
-        ->execute()
-        ->fetchCol();
+      $nodes = \Drupal::entityQuery('node')
+        ->condition('uid', $user->id())
+        ->execute();
       node_mass_update($nodes, array('status' => 0), NULL, TRUE);
       break;
 
     case 'user_cancel_reassign':
       // Anonymize nodes (current revisions).
       module_load_include('inc', 'node', 'node.admin');
-      $nodes = db_select('node_field_data', 'n')
-        ->fields('n', array('nid'))
-        ->condition('uid', $account->id())
-        ->execute()
-        ->fetchCol();
+      $nodes = \Drupal::entityQuery('node')
+        ->condition('uid', $user->id())
+        ->execute();
       node_mass_update($nodes, array('uid' => 0), NULL, TRUE);
       // Anonymize old revisions.
       db_update('node_field_revision')
diff --git a/core/modules/user/user.module b/core/modules/user/user.module
index 8cb2810b34b14263642385f22e1eef2cd3f3b9d0..235d8fdc2164c30ae798b8130fbc13b1c1fd95ad 100644
--- a/core/modules/user/user.module
+++ b/core/modules/user/user.module
@@ -443,16 +443,14 @@ function user_access($string, AccountInterface $account = NULL) {
  * @param $name
  *   A string containing a name of the user.
  *
- * @return
- *   Object with property 'name' (the user name), if the user is blocked;
- *   FALSE if the user is not blocked.
+ * @return bool
+ *   TRUE if the user is blocked, FALSE otherwise.
  */
 function user_is_blocked($name) {
-  return db_select('users')
-    ->fields('users', array('name'))
-    ->condition('name', db_like($name), 'LIKE')
+  return (bool) \Drupal::entityQuery('user')
+    ->condition('name', $name)
     ->condition('status', 0)
-    ->execute()->fetchObject();
+    ->execute();
 }
 
 /**
@@ -966,21 +964,20 @@ function user_authenticate($name, $password) {
 function user_login_finalize(UserInterface $account) {
   global $user;
   $user = $account;
-  watchdog('user', 'Session opened for %name.', array('%name' => $user->getUsername()));
+  watchdog('user', 'Session opened for %name.', array('%name' => $account->getUsername()));
   // Update the user table timestamp noting user has logged in.
   // This is also used to invalidate one-time login links.
   $account->setLastLoginTime(REQUEST_TIME);
-  db_update('users')
-    ->fields(array('login' => $user->getLastLoginTime()))
-    ->condition('uid', $user->id())
-    ->execute();
+  \Drupal::entityManager()
+    ->getStorageController('user')
+    ->updateLastLoginTimestamp($account);
 
   // Regenerate the session ID to prevent against session fixation attacks.
   // This is called before hook_user in case one of those functions fails
   // or incorrectly does a redirect which would leave the old session in place.
   drupal_session_regenerate();
 
-  \Drupal::moduleHandler()->invokeAll('user_login', array($user));
+  \Drupal::moduleHandler()->invokeAll('user_login', array($account));
 }
 
 /**
diff --git a/core/modules/user/user.services.yml b/core/modules/user/user.services.yml
index 72629e05a10dad49d2ab954c3e8b657ef8c55bd5..23d870699f359788a03fe8f78a8cb0e121bf400a 100644
--- a/core/modules/user/user.services.yml
+++ b/core/modules/user/user.services.yml
@@ -20,7 +20,7 @@ services:
     arguments: ['@database']
   user.autocomplete:
     class: Drupal\user\UserAutocomplete
-    arguments: ['@database', '@config.factory']
+    arguments: ['@database', '@config.factory', '@entity.manager', '@entity.query']
   user_maintenance_mode_subscriber:
     class: Drupal\user\EventSubscriber\MaintenanceModeSubscriber
     tags: