diff --git a/routes/web.php b/routes/web.php
index 5e2f8f0f66..5f2755063f 100755
--- a/routes/web.php
+++ b/routes/web.php
@@ -12,7 +12,10 @@
 use Statamic\Http\Controllers\OAuthController;
 use Statamic\Http\Controllers\PhoneHomeController;
 use Statamic\Http\Controllers\ResetPasswordController;
-use Statamic\Http\Controllers\UserController;
+use Statamic\Http\Controllers\User\LoginController;
+use Statamic\Http\Controllers\User\PasswordController;
+use Statamic\Http\Controllers\User\ProfileController;
+use Statamic\Http\Controllers\User\RegisterController;
 use Statamic\Http\Middleware\AuthGuard;
 use Statamic\Http\Middleware\CP\AuthGuard as CPAuthGuard;
 use Statamic\Statamic;
@@ -27,13 +30,13 @@
 Route::post('protect/password', [PasswordProtectController::class, 'store'])->name('protect.password.store');
 Route::group(['prefix' => 'auth', 'middleware' => [AuthGuard::class]], function () {
- Route::get('logout', [UserController::class, 'logout'])->name('logout');
+ Route::get('logout', [LoginController::class, 'logout'])->name('logout');
 Route::group(['middleware' => [HandlePrecognitiveRequests::class]], function () {
- Route::post('login', [UserController::class, 'login'])->name('login');
- Route::post('register', [UserController::class, 'register'])->name('register');
- Route::post('profile', [UserController::class, 'profile'])->name('profile');
- Route::post('password', [UserController::class, 'password'])->name('password');
+ Route::post('login', [LoginController::class, 'login'])->name('login');
+ Route::post('register', RegisterController::class)->name('register');
+ Route::post('profile', ProfileController::class)->name('profile');
+ Route::post('password', PasswordController::class)->name('password');
 });
 Route::post('password/email', [ForgotPasswordController::class, 'sendResetLinkEmail'])->name('password.email');
diff --git a/src/Http/Controllers/User/LoginController.php b/src/Http/Controllers/User/LoginController.php
new file mode 100644
index 0000000000..7911960b6f
--- /dev/null
+++ b/src/Http/Controllers/User/LoginController.php
@@ -0,0 +1,44 @@
+hasTooManyLoginAttempts($request)) {
+ $this->fireLockoutEvent($request);
+
+ return $this->sendLockoutResponse($request);
+ }
+
+ if (Auth::attempt($request->only('email', 'password'), $request->has('remember'))) {
+ return redirect($request->input('_redirect', '/'))->withSuccess(__('Login successful.'));
+ }
+
+ $this->incrementLoginAttempts($request);
+
+ $errorResponse = $request->has('_error_redirect') ? redirect($request->input('_error_redirect')) : back();
+
+ return $errorResponse->withInput()->withErrors(__('Invalid credentials.'));
+ }
+
+ public function logout()
+ {
+ Auth::logout();
+
+ return redirect(request()->get('redirect', '/'));
+ }
+
+ protected function username()
+ {
+ return 'email';
+ }
+}
diff --git a/src/Http/Controllers/User/PasswordController.php b/src/Http/Controllers/User/PasswordController.php
new file mode 100644
index 0000000000..90420ad4c0
--- /dev/null
+++ b/src/Http/Controllers/User/PasswordController.php
@@ -0,0 +1,36 @@
+password($request->password);
+
+ $user->save();
+
+ return $this->successfulResponse();
+ }
+
+ private function successfulResponse()
+ {
+ $response = request()->has('_redirect') ? redirect(request()->get('_redirect')) : back();
+
+ if (request()->ajax() || request()->wantsJson()) {
+ return response([
+ 'success' => true,
+ 'redirect' => $response->getTargetUrl(),
+ ]);
+ }
+
+ session()->flash('user.password.success', __('Change successful.'));
+
+ return $response;
+ }
+}
diff --git a/src/Http/Controllers/User/ProfileController.php b/src/Http/Controllers/User/ProfileController.php
new file mode 100644
index 0000000000..656d1226df
--- /dev/null
+++ b/src/Http/Controllers/User/ProfileController.php
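Review bot: The redirect targets in `login()` and `logout()` are read straight from the request (`_redirect`, `_error_redirect`, `redirect`) and handed to `redirect()` unchecked, so unless they are validated outside this hunk a crafted link can send a user to an external site after login or logout. Since the code is being moved anyway, constrain them to same-site paths before redirecting; the `_redirect` handling in `successfulResponse()` of the Password, Profile and Register controllers follows the same pattern. `logout()` also stops at `Auth::logout()`; adding `request()->session()->invalidate();` and `request()->session()->regenerateToken();` after it follows Laravel's documented logout pattern, which matters more because routes/web.php registers logout as a GET. The class header and the opening of `login()` are missing from the hunk as shown, so the throttling trait and imports could not be checked.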
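Review bot: `successfulResponse()` in PasswordController no longer returns the `password_updated` key that the removed `userPasswordSuccess()` put in its JSON body, and ProfileController likewise drops `user_updated`, so an AJAX client reading those keys sees a behaviour change in what otherwise looks like a pure move. If that is intentional it should be called out in the commit message; otherwise keep `'password_updated' => true,` (and `'user_updated' => true,` in ProfileController) in the response array. Separately, the visible part of the handler saves the new password without invalidating the user's other sessions, and whether the current password is required depends on `UserPasswordRequest`, which is outside this diff. The three near-identical `successfulResponse()` methods would be easier to keep consistent as one shared trait; the handler's signature is cut off in the hunk as shown.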
@@ -0,0 +1,42 @@
+email) {
+ $user->email($request->email);
+ }
+
+ foreach ($request->processedValues() as $key => $value) {
+ $user->set($key, $value);
+ }
+
+ $user->save();
+
+ return $this->successfulResponse();
+ }
+
+ private function successfulResponse()
+ {
+ $response = request()->has('_redirect') ? redirect(request()->get('_redirect')) : back();
+
+ if (request()->ajax() || request()->wantsJson()) {
+ return response([
+ 'success' => true,
+ 'redirect' => $response->getTargetUrl(),
+ ]);
+ }
+
+ session()->flash('user.profile.success', __('Update successful.'));
+
+ return $response;
+ }
+}
diff --git a/src/Http/Controllers/User/RegisterController.php b/src/Http/Controllers/User/RegisterController.php
new file mode 100644
index 0000000000..36114fd044
--- /dev/null
+++ b/src/Http/Controllers/User/RegisterController.php
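Review bot: The loop `$user->set($key, $value)` writes every key returned by `$request->processedValues()` onto the user, so the safety of this endpoint rests entirely on `UserProfileRequest` (not part of this diff) limiting those keys to fields a user may edit about themselves. I would add a comment above the loop such as `// processedValues() must never contain roles, groups, super or password; UserProfileRequest is responsible for stripping them`, plus a test that posts those keys and asserts they are ignored. As far as this hunk shows, the email change just above the loop is also applied without re-authentication or confirmation. The class header and the method signature are missing from the hunk as displayed.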
@@ -0,0 +1,92 @@
+email($request->email)
+ ->password($request->password)
+ ->data($request->processedValues());
+
+ if ($roles = config('statamic.users.new_user_roles')) {
+ $user->explicitRoles($roles);
+ }
+
+ if ($groups = config('statamic.users.new_user_groups')) {
+ $user->groups($groups);
+ }
+
+ try {
+ if ($honeypot = config('statamic.users.registration_form_honeypot_field')) {
+ throw_if(Arr::get($request->input(), $honeypot), new SilentFormFailureException);
+ }
+
+ throw_if(UserRegistering::dispatch($user) === false, new SilentFormFailureException);
+ } catch (ValidationException $e) {
+ return $this->failureResponse($e);
+ } catch (SilentFormFailureException $e) {
+ return $this->successfulResponse(silentFailure: true);
+ }
+
+ $user->save();
+
+ UserRegistered::dispatch($user);
+
+ Auth::login($user);
+
+ return $this->successfulResponse();
+ }
+
+ private function successfulResponse(bool $silentFailure = false)
+ {
+ $response = request()->has('_redirect') ? redirect(request()->get('_redirect')) : back();
+
+ if (request()->ajax() || request()->wantsJson()) {
+ return response([
+ 'success' => true,
+ 'user_created' => ! $silentFailure,
+ 'redirect' => $response->getTargetUrl(),
+ ]);
+ }
+
+ session()->flash('user.register.success', __('Registration successful.'));
+ session()->flash('user.register.user_created', ! $silentFailure);
+
+ return $response;
+ }
+
+ private function failureResponse($validator)
+ {
+ $errors = $validator->errors();
+
+ if (request()->ajax()) {
+ return response([
+ 'errors' => (new MessageBag($errors))->all(),
+ 'error' => collect($errors)->map(function ($errors, $field) {
+ return $errors[0];
+ })->all(),
+ ], 400);
+ }
+
+ if (request()->wantsJson()) {
+ return (new ValidationException($validator))->errorBag(new MessageBag($errors));
+ }
+
+ $errorResponse = request()->has('_error_redirect') ?
redirect(request()->input('_error_redirect')) : back();
+
+ return $errorResponse->withInput()->withErrors($errors, 'user.register');
+ }
+}
diff --git a/src/Http/Controllers/UserController.php b/src/Http/Controllers/UserController.php
deleted file mode 100644
index 45e1a6e465..0000000000
--- a/src/Http/Controllers/UserController.php
+++ /dev/null
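Review bot: In `failureResponse()` the `wantsJson()` branch returns a newly constructed `ValidationException` instead of throwing one, wraps the caught exception as though it were a validator, and passes a `MessageBag` to `errorBag()`, which expects a bag name; a JSON client that is not flagged as AJAX is therefore unlikely to get a usable validation error response. Because `$validator` is already the caught `ValidationException`, `if (request()->wantsJson()) { throw $validator; }` lets the framework render it, and renaming the parameter to `$exception` would make that clear. The silent-failure path also reports `'user_created' => false` to the client, which tells an automated submitter that the honeypot or a `UserRegistering` listener rejected it, so it is worth deciding whether that flag needs to be exposed. The class header and the start of the handler are missing from the hunk as shown.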
@@ -1,193 +0,0 @@
-hasTooManyLoginAttempts($request)) {
- $this->fireLockoutEvent($request);
-
- return $this->sendLockoutResponse($request);
- }
-
- if (Auth::attempt($request->only('email', 'password'), $request->has('remember'))) {
- return redirect($request->input('_redirect', '/'))->withSuccess(__('Login successful.'));
- }
-
- $this->incrementLoginAttempts($request);
-
- $errorResponse = $request->has('_error_redirect') ? redirect($request->input('_error_redirect')) : back();
-
- return $errorResponse->withInput()->withErrors(__('Invalid credentials.'));
- }
-
- public function logout()
- {
- Auth::logout();
-
- return redirect(request()->get('redirect', '/'));
- }
-
- public function register(UserRegisterRequest $request)
- {
- $user = User::make()
- ->email($request->email)
- ->password($request->password)
- ->data($request->processedValues());
-
- if ($roles = config('statamic.users.new_user_roles')) {
- $user->explicitRoles($roles);
- }
-
- if ($groups = config('statamic.users.new_user_groups')) {
- $user->groups($groups);
- }
-
- try {
- if ($honeypot = config('statamic.users.registration_form_honeypot_field')) {
- throw_if(Arr::get($request->input(), $honeypot), new SilentFormFailureException);
- }
-
- throw_if(UserRegistering::dispatch($user) === false, new SilentFormFailureException);
- } catch (ValidationException $e) {
- return $this->userRegistrationFailure($e);
- } catch (SilentFormFailureException $e) {
- return $this->userRegistrationSuccess(true);
- }
-
- $user->save();
-
- UserRegistered::dispatch($user);
-
- Auth::login($user);
-
- return $this->userRegistrationSuccess();
- }
-
- public function profile(UserProfileRequest $request)
- {
- $user = User::current();
-
- if ($request->email) {
- $user->email($request->email);
- }
-
- foreach ($request->processedValues() as $key => $value) {
- $user->set($key, $value);
- }
-
- $user->save();
-
- return $this->userProfileSuccess();
- }
-
- public function password(UserPasswordRequest $request)
- {
-
$user = User::current();
-
- $user->password($request->password);
-
- $user->save();
-
- return $this->userPasswordSuccess();
- }
-
- public function username()
- {
- return 'email';
- }
-
- private function userRegistrationFailure($validator)
- {
- $errors = $validator->errors();
-
- if (request()->ajax()) {
- return response([
- 'errors' => (new MessageBag($errors))->all(),
- 'error' => collect($errors)->map(function ($errors, $field) {
- return $errors[0];
- })->all(),
- ], 400);
- }
-
- if (request()->wantsJson()) {
- return (new ValidationException($validator))->errorBag(new MessageBag($errors));
- }
-
- $errorResponse = request()->has('_error_redirect') ? redirect(request()->input('_error_redirect')) : back();
-
- return $errorResponse->withInput()->withErrors($errors, 'user.register');
- }
-
- private function userRegistrationSuccess(bool $silentFailure = false)
- {
- $response = request()->has('_redirect') ? redirect(request()->get('_redirect')) : back();
-
- if (request()->ajax() || request()->wantsJson()) {
- return response([
- 'success' => true,
- 'user_created' => ! $silentFailure,
- 'redirect' => $response->getTargetUrl(),
- ]);
- }
-
- session()->flash('user.register.success', __('Registration successful.'));
- session()->flash('user.register.user_created', ! $silentFailure);
-
- return $response;
- }
-
- private function userProfileSuccess(bool $silentFailure = false)
- {
- $response = request()->has('_redirect') ? redirect(request()->get('_redirect')) : back();
-
- if (request()->ajax() || request()->wantsJson()) {
- return response([
- 'success' => true,
- 'user_updated' => ! $silentFailure,
- 'redirect' => $response->getTargetUrl(),
- ]);
- }
-
- session()->flash('user.profile.success', __('Update successful.'));
-
- return $response;
- }
-
- private function userPasswordSuccess(bool $silentFailure = false)
- {
- $response = request()->has('_redirect') ?
redirect(request()->get('_redirect')) : back();
-
- if (request()->ajax() || request()->wantsJson()) {
- return response([
- 'success' => true,
- 'password_updated' => ! $silentFailure,
- 'redirect' => $response->getTargetUrl(),
- ]);
- }
-
- session()->flash('user.password.success', __('Change successful.'));
-
- return $response;
- }
-}