SET PASSWORD Syntax
The SET PASSWORD statement assigns a password to an existing MariaDB user account.
If the password is specified using the PASSWORD() or OLD_PASSWORD() function, the literal text of the password should be given. If the password is specified without using either function, the password should be the already-encrypted password value as returned by PASSWORD().
With no FOR clause, this statement sets the password for the current user. Any client that has connected to the server using a nonanonymous account can change the password for that account.
In MariaDB 5.1 and later, when the read-only system variable is enabled, the SUPER privilege is required to use SET PASSWORD.
With a FOR clause, this statement sets the password for a specific account on the current server host. Only clients that have the UPDATE privilege for the MariaDB database can do this. The user value should be given in user_name@host_nameuser_name and host_name are exactly as they are listed in the User and Host columns of the mysql.user table entry. For example, if you had an entry with User and Host column values of 'bob' and '%.loc.gov', you would write the statement like this:
SET PASSWORD FOR 'bob'@'%.loc.gov' = PASSWORD('newpass');
That is equivalent to the following statements:
UPDATE mysql.user SET Password=PASSWORD('newpass')
WHERE User='bob' AND Host='%.loc.gov';
FLUSH PRIVILEGES;
Another way to set the password is to use GRANT:
GRANT USAGE ON *.* TO 'bob'@'%.loc.gov' IDENTIFIED BY 'newpass';
Important
SET PASSWORD may be recorded in server logs or in a history file such as ~/.mysql_history, which means that plaintext passwords may be read by anyone having read access to that information. See , "Password Security in MySQL".Note
If you are connecting to a MariaDB or later server using a pre-4.1 client program, do not use the preceding SET PASSWORD or UPDATE statement without reading , "Password Hashing in MySQL", first. The password format changed in MySQL, and under certain circumstances it is possible that if you change your password, you might not be able to connect to the server afterward.
To see which account the server authenticated you as, invoke the CURRENT_USER() function.
If you are using MariaDB Replication, you should be aware that, currently, a password used by a replication slave as part of a CHANGE MASTER TO statement is effectively limited to 32 characters in length; the password can be longer, but any characters in excess of this number are truncated. This is not due to any limit imposed by the MariaDB Server generally, but rather is an issue that is specific to MariaDB Replication. (See Bug #43439, for more information.)
For more information about setting passwords, see , "Assigning Account Passwords"