SET PASSWORD is a MariaDB command that allows you to update an existing user’s password. Knowing how to change MariaDB user passwords is essential for main­tain­ing database security and should be done in various situ­ations.

When should you change a MariaDB user’s password?

Updating a user password in MariaDB is a key part of any database security strategy. You should change a password whenever there’s a specific reason or when security policies require it. For example, as soon as a user leaves the company or moves to another role, you should promptly update or de­ac­tiv­ate all related cre­den­tials. If you detect sus­pi­cious activity, such as unusual login attempts or access to sensitive data, change the password im­me­di­ately.

Passwords should also be updated if they have ac­ci­dent­ally been made public. This might occur due to con­fig­ur­a­tion error, an in­cor­rectly sent script or an entry in a version control system. In such cases, a quick password change can prevent un­au­thor­ised access. Many security standards also recommend changing passwords regularly (e.g. every 90 days) es­pe­cially in high-security en­vir­on­ments.

In short, change passwords whenever a potential risk exists – don’t wait for an incident to happen.

Compute Engine
The ideal IaaS for your workload
  • Cost-effective vCPUs and powerful dedicated cores
  • Flex­ib­il­ity with no minimum contract
  • 24/7 expert support included

How to use SET PASSWORD to change user passwords

The SET PASSWORD command allows you to change user passwords quickly and securely. Without a FOR clause, the command changes the password for the currently logged-in user. Adding FOR ‘user’@’host’ allows you to target a specific account. In this case, you need UPDATE priv­ileges on the mysql database, which stores MariaDB’s user in­form­a­tion.

The general syntax is:

SET PASSWORD FOR 'user'@'host' = PASSWORD('newpassword');
sql

In current versions of MariaDB (10.4 and later), you can use ALTER USER to set the password directly in plaintext:

ALTER USER 'user'@'host' IDENTIFIED BY 'newpassword';
sql

This newer method is preferred because the older function generates an internal hash and only works with certain password-based au­then­tic­a­tion plugins such as mysql_native_password, ed25519, or mysql_old_password. Other plugins like unix_socket, pam, gssapi, or named_pipe don’t store a password in the database. In these cases, SET PASSWORD will cause an error.

How to change a user’s password

You can update a user’s password directly via the MariaDB client by con­nect­ing over SSH.

First, open an SSH session and log in to the server. To start the MariaDB client with ad­min­is­trat­ive priv­ileges, enter the following command:

sudo mysql
bash

After entering your SSH user password, you’ll gain access to the MariaDB interface. There, you’ll see a prompt similar to the following:

MariaDB [(none)]>
sql

To manage user passwords, select the database that contains the user in­form­a­tion. By default, this is the mysql database. Switch to it with:

use mysql;
sql

Now, change the password for the desired user by entering:

SET PASSWORD FOR 'newuser'@'host' = PASSWORD('newsecurepassword');
sql

Replace newuser with the actual username and newsecurepassword with the new password.

Once the change is suc­cess­ful, MariaDB will display a con­firm­a­tion message.

When you’re finished, exit the MariaDB client with:

exit
sql

This will return you to the regular server console.

For accounts that log in with a password, SET PASSWORD is still a valuable tool. It allows you to quickly respond to security incidents, enforce new passwords and maintain secure access after role changes.

Managed Databases
Time-saving database services
  • En­ter­prise-grade ar­chi­tec­ture managed by experts
  • Flexible solutions tailored to your re­quire­ments
  • Hosted in the UK under strict data pro­tec­tion le­gis­la­tion
Go to Main Menu