diff --git a/core/modules/locale/tests/src/Functional/LocaleTranslatedSchemaDefinitionTest.php b/core/modules/locale/tests/src/Functional/LocaleTranslatedSchemaDefinitionTest.php
index 8e0b38e2eac576e9d532c6a9ee09623c4a166600..97fbfc7c503d48cd88ff1ad792407d9b3a0f1046 100644
--- a/core/modules/locale/tests/src/Functional/LocaleTranslatedSchemaDefinitionTest.php
+++ b/core/modules/locale/tests/src/Functional/LocaleTranslatedSchemaDefinitionTest.php
@@ -28,6 +28,11 @@ class LocaleTranslatedSchemaDefinitionTest extends BrowserTestBase {
    */
   protected $defaultTheme = 'stark';
 
+  /**
+   * {@inheritdoc}
+   */
+  protected bool $useOneTimeLoginLinks = FALSE;
+
   /**
    * {@inheritdoc}
    */
diff --git a/core/modules/locale/tests/src/Functional/LocaleTranslationUiTest.php b/core/modules/locale/tests/src/Functional/LocaleTranslationUiTest.php
index cd5981c11e4db3ed7a98137472bfc942062cd979..893ac79aea8adbedff581ff4c055ca9a71ebba52 100644
--- a/core/modules/locale/tests/src/Functional/LocaleTranslationUiTest.php
+++ b/core/modules/locale/tests/src/Functional/LocaleTranslationUiTest.php
@@ -29,6 +29,11 @@ class LocaleTranslationUiTest extends BrowserTestBase {
    */
   protected $defaultTheme = 'stark';
 
+  /**
+   * {@inheritdoc}
+   */
+  protected bool $useOneTimeLoginLinks = FALSE;
+
   /**
    * Enable interface translation to English.
    */
diff --git a/core/modules/user/tests/src/Functional/UserLoginTest.php b/core/modules/user/tests/src/Functional/UserLoginTest.php
index 4302113c42a08856e733157d5cce5585d2fa5d44..5006d1b292bdeeda8f6ecd228508897a92a948be 100644
--- a/core/modules/user/tests/src/Functional/UserLoginTest.php
+++ b/core/modules/user/tests/src/Functional/UserLoginTest.php
@@ -169,7 +169,13 @@ public function testPasswordRehashOnLogin(): void {
     $this->assertTrue($password_hasher->needsRehash($account->getPassword()));
 
     $account->passRaw = $password;
-    $this->drupalLogin($account);
+    $this->drupalGet('user/login');
+    $edit = [
+      'name' => $account->getAccountName(),
+      'pass' => $account->passRaw,
+    ];
+    $this->submitForm($edit, 'Log in');
+
     // Load the stored user, which should have a different password hash now.
     $user_storage->resetCache([$account->id()]);
     $account = $user_storage->load($account->id());
diff --git a/core/modules/user/tests/src/Functional/UserTokenReplaceTest.php b/core/modules/user/tests/src/Functional/UserTokenReplaceTest.php
index 89b90d98ca06977b9190676df392d9e66877f445..2c6fcfb04b6023ed0f0f8541a3977f7a36f6c47e 100644
--- a/core/modules/user/tests/src/Functional/UserTokenReplaceTest.php
+++ b/core/modules/user/tests/src/Functional/UserTokenReplaceTest.php
@@ -27,6 +27,11 @@ class UserTokenReplaceTest extends BrowserTestBase {
    */
   protected $defaultTheme = 'stark';
 
+  /**
+   * {@inheritdoc}
+   */
+  protected bool $useOneTimeLoginLinks = FALSE;
+
   /**
    * {@inheritdoc}
    */
diff --git a/core/modules/user/user.module b/core/modules/user/user.module
index e5398d47512e6af1c3c4f0cb3405b524aef81b45..ad4002c9c09e3c1f7e28f6f7a85810c0614c6a9e 100644
--- a/core/modules/user/user.module
+++ b/core/modules/user/user.module
@@ -464,7 +464,7 @@ function user_user_logout(AccountInterface $account) {
  *   they can change their password.
  */
 function user_pass_reset_url($account, $options = []) {
-  $timestamp = \Drupal::time()->getRequestTime();
+  $timestamp = \Drupal::time()->getCurrentTime();
   $langcode = $options['langcode'] ?? $account->getPreferredLangcode();
   return Url::fromRoute('user.reset',
     [
diff --git a/core/tests/Drupal/Tests/UiHelperTrait.php b/core/tests/Drupal/Tests/UiHelperTrait.php
index 5e6e9176b10064ae5ec73a69724819f1f169744a..f2f29efd17ef2b029ab74115ea1ad4e7163bc896 100644
--- a/core/tests/Drupal/Tests/UiHelperTrait.php
+++ b/core/tests/Drupal/Tests/UiHelperTrait.php
@@ -28,6 +28,11 @@ trait UiHelperTrait {
    */
   protected $loggedInUser = FALSE;
 
+  /**
+   * Use one-time login links instead of submitting the login form.
+   */
+  protected bool $useOneTimeLoginLinks = TRUE;
+
   /**
    * The number of meta refresh redirects to follow, or NULL if unlimited.
    *
@@ -156,11 +161,21 @@ protected function drupalLogin(AccountInterface $account) {
       $this->drupalLogout();
     }
 
-    $this->drupalGet(Url::fromRoute('user.login'));
-    $this->submitForm([
-      'name' => $account->getAccountName(),
-      'pass' => $account->passRaw,
-    ], 'Log in');
+    if ($this->useOneTimeLoginLinks) {
+      // Reload to get latest login timestamp.
+      $storage = \Drupal::entityTypeManager()->getStorage('user');
+      /** @var \Drupal\user\UserInterface $accountUnchanged */
+      $accountUnchanged = $storage->loadUnchanged($account->id());
+      $login = user_pass_reset_url($accountUnchanged) . '/login?destination=user/' . $account->id();
+      $this->drupalGet($login);
+    }
+    else {
+      $this->drupalGet(Url::fromRoute('user.login'));
+      $this->submitForm([
+        'name' => $account->getAccountName(),
+        'pass' => $account->passRaw,
+      ], 'Log in');
+    }
 
     // @see ::drupalUserIsLoggedIn()
     $account->sessionId = $this->getSession()->getCookie(\Drupal::service('session_configuration')->getOptions(\Drupal::request())['name']);