diff --git a/core/modules/user/src/Access/LoginStatusCheck.php b/core/modules/user/src/Access/LoginStatusCheck.php
index 3212c0a71db8918d93cda69da767917243104147..c3784206ae845900070cd5f529bb04dea5fec909 100644
--- a/core/modules/user/src/Access/LoginStatusCheck.php
+++ b/core/modules/user/src/Access/LoginStatusCheck.php
@@ -26,7 +26,11 @@ class LoginStatusCheck implements AccessInterface {
 public function access(AccountInterface $account, Route $route) {
 $required_status = filter_var($route->getRequirement('_user_is_logged_in'), FILTER_VALIDATE_BOOLEAN);
 $actual_status = $account->isAuthenticated();
- return AccessResult::allowedIf($required_status === $actual_status)->addCacheContexts(['user.roles:authenticated']);
+ $access_result = AccessResult::allowedIf($required_status === $actual_status)->addCacheContexts(['user.roles:authenticated']);
+ if (!$access_result->isAllowed()) {
+ $access_result->setReason($required_status === TRUE ? 'This route can only be accessed by authenticated users.' : 'This route can only be accessed by anonymous users.');
+ }
+ return $access_result;
 }
 }
diff --git a/core/modules/user/tests/src/Functional/UserLoginHttpTest.php b/core/modules/user/tests/src/Functional/UserLoginHttpTest.php
index d01ad62eceee9d9cd7b964d58fd0e863740e4407..b12a72b58e8c4d4aee5f095b11576608fffed932 100644
--- a/core/modules/user/tests/src/Functional/UserLoginHttpTest.php
+++ b/core/modules/user/tests/src/Functional/UserLoginHttpTest.php
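Review bot: In `LoginStatusCheck::access()`, the new reason is picked with `$required_status === TRUE`, but `$required_status` comes from `filter_var(…, FILTER_VALIDATE_BOOLEAN)` on the context line above, which yields FALSE for any value it cannot parse. A mistyped `_user_is_logged_in` requirement is therefore silently treated as anonymous-only: anonymous visitors pass the check, and authenticated users are told the route is for anonymous users. Consider adding `FILTER_NULL_ON_FAILURE` as the third argument and returning a denial when the result is `NULL`, so a malformed requirement fails closed instead of opening the route. The reason text reaches the client in the 403 body (the test in UserLoginHttpTest.php asserts it), so both strings should stay static as they are now, and a short comment above `setReason()` saying the reason is client-visible would help keep request data out of it later.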
@@ -181,6 +181,11 @@ protected function doTestLogin($format) {
 $this->assertEquals($account->getRoles(), $result_data['current_user']['roles']);
 $logout_token = $result_data['logout_token'];
+ // Logging in while already logged in results in a 403 with helpful message.
+ $response = $this->loginRequest($name, $pass, $format);
+ $this->assertSame(403, $response->getStatusCode());
+ $this->assertSame(['message' => 'This route can only be accessed by anonymous users.'], $this->serializer->decode($response->getBody(), $format));
+
 $response = $client->get($login_status_url, ['cookies' => $this->cookies]);
 $this->assertHttpResponse($response, 200, UserAuthenticationController::LOGGED_IN);
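Review bot: Only the anonymous-only message is asserted in `doTestLogin()`; the other branch of the new ternary in `LoginStatusCheck::access()`, `'This route can only be accessed by authenticated users.'`, has no assertion anywhere in this diff. If no existing test covers it, add a request without a session cookie to a route that requires an authenticated user, and assert both the 403 status and that message. This keeps a later edit from swapping or dropping the denial for the authenticated-only case without a test failing. `doTestLogin()` starts and ends outside this hunk, so it may already exercise such a route elsewhere.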