diff --git a/core/lib/Drupal/Core/Session/SessionManager.php b/core/lib/Drupal/Core/Session/SessionManager.php
index 2c35259..3212410 100644
--- a/core/lib/Drupal/Core/Session/SessionManager.php
+++ b/core/lib/Drupal/Core/Session/SessionManager.php
@@ -124,16 +124,6 @@ public function start() {
     }
 
     if (empty($result)) {
-      // Randomly generate a session identifier for this request. This is
-      // necessary because \Drupal\user\SharedTempStoreFactory::get() wants to
-      // know the future session ID of a lazily started session in advance.
-      //
-      // @todo: With current versions of PHP there is little reason to generate
-      //   the session id from within application code. Consider using the
-      //   default php session id instead of generating a custom one:
-      //   https://www.drupal.org/node/2238561
-      $this->setId(Crypt::randomBytesBase64());
-
       // Initialize the session global and attach the Symfony session bags.
       $_SESSION = array();
       $this->loadSession();
@@ -223,7 +213,7 @@ public function regenerate($destroy = FALSE, $lifetime = NULL) {
     if ($this->isStarted()) {
       $old_session_id = $this->getId();
     }
-    session_id(Crypt::randomBytesBase64());
+    session_regenerate_id();
 
     $this->getMetadataBag()->clearCsrfTokenSeed();
 
diff --git a/core/modules/user/src/PrivateTempStore.php b/core/modules/user/src/PrivateTempStore.php
index 79be710..3886fd9 100644
--- a/core/modules/user/src/PrivateTempStore.php
+++ b/core/modules/user/src/PrivateTempStore.php
@@ -7,6 +7,7 @@
 
 namespace Drupal\user;
 
+use Drupal\Component\Utility\Crypt;
 use Drupal\Component\Utility\SafeMarkup;
 use Drupal\Core\KeyValueStore\KeyValueStoreExpirableInterface;
 use Drupal\Core\Lock\LockBackendInterface;
@@ -80,8 +81,10 @@ class PrivateTempStore {
    *   of key/value pairs.
    * @param \Drupal\Core\Lock\LockBackendInterface $lockBackend
    *   The lock object used for this data.
-   * @param mixed $owner
-   *   The owner key to store along with the data (e.g. a user or session ID).
+   * @param \Drupal\Core\Session\AccountProxyInterface $current_user
+   *   The current user.
+   * @param \Symfony\Component\HttpFoundation\RequestStack $request_stack
+   *   The request stack.
    * @param int $expire
    *   The time to live for items, in seconds.
    */
@@ -211,6 +214,15 @@ protected function createkey($key) {
    *   The owner.
    */
   protected function getOwner() {
-    return $this->currentUser->id() ?: $this->requestStack->getCurrentRequest()->getSession()->getId();
+    if ($this->currentUser->isAuthenticated()) {
+      return $this->currentUser->id();
+    }
+    // Anonymous users needs special handling.
+    // @todo Fix me.
+    if (!isset($_SESSION['user_private_owner'])) {
+      $_SESSION['user_private_owner'] = Crypt::randomBytesBase64();
+    }
+    return $_SESSION['user_private_owner'];
   }
+
 }
diff --git a/core/modules/user/src/PrivateTempStoreFactory.php b/core/modules/user/src/PrivateTempStoreFactory.php
index bd62633..39af0dc 100644
--- a/core/modules/user/src/PrivateTempStoreFactory.php
+++ b/core/modules/user/src/PrivateTempStoreFactory.php
@@ -55,10 +55,14 @@ class PrivateTempStoreFactory {
   /**
    * Constructs a Drupal\user\PrivateTempStoreFactory object.
    *
-   * @param \Drupal\Core\Database\Connection $connection
-   *   The connection object used for this data.
+   * @param \Drupal\Core\KeyValueStore\KeyValueExpirableFactoryInterface $storage_factory
+   *   The storage factory creating the backend to store the data.
    * @param \Drupal\Core\Lock\LockBackendInterface $lockBackend
    *   The lock object used for this data.
+   * @param \Drupal\Core\Session\AccountProxyInterface $current_user
+   *   The current user.
+   * @param \Symfony\Component\HttpFoundation\RequestStack $request_stack
+   *   The request stack.
    * @param int $expire
    *   The time to live for items, in seconds.
    */
diff --git a/core/modules/user/src/SharedTempStoreFactory.php b/core/modules/user/src/SharedTempStoreFactory.php
index da2331d..cf069d7 100644
--- a/core/modules/user/src/SharedTempStoreFactory.php
+++ b/core/modules/user/src/SharedTempStoreFactory.php
@@ -8,6 +8,7 @@
 namespace Drupal\user;
 
 use Drupal\Component\Serialization\SerializationInterface;
+use Drupal\Component\Utility\Crypt;
 use Drupal\Core\KeyValueStore\KeyValueExpirableFactoryInterface;
 use Drupal\Core\Lock\LockBackendInterface;
 use Symfony\Component\HttpFoundation\RequestStack;
@@ -82,7 +83,18 @@ function get($collection, $owner = NULL) {
     // Use the currently authenticated user ID or the active user ID unless
     // the owner is overridden.
     if (!isset($owner)) {
-      $owner = \Drupal::currentUser()->id() ?: session_id();
+      $account = \Drupal::currentUser();
+      if ($account->isAuthenticated()) {
+        $owner = $account->id();
+      }
+      else {
+        // Anonymous users needs special handling.
+        // @todo Fix me.
+        if (!isset($_SESSION['user_shared_owner'])) {
+          $_SESSION['user_shared_owner'] = Crypt::randomBytesBase64();
+        }
+        $owner = $_SESSION['user_shared_owner'];
+      }
     }
 
     // Store the data for this collection in the database.