SET PASSWORD Statement#
SET PASSWORD [FOR user] = password_option
password_option: {
PASSWORD('auth_string')
| OLD_PASSWORD('auth_string')
| 'hash_string'
}
'auth_string'represents a cleartext password.'hash_string'represents an encrypted password.
SET PASSWORD can be used with or without a FOR clause that explicitly names a user account:
With a FOR
userclause, the statement sets the password for the named account, which must exist:SET PASSWORD FOR 'jeffrey'@'localhost' = password_option;
With no FOR
userclause, the statement sets the password for the current user:SET PASSWORD = password_option;
Any client who connects to the server using a nonanonymous account can change the password for that account. (In particular, you can change your own password.) To see which account the server authenticated you as, invoke the CURRENT_USER() function:
SELECT CURRENT_USER();
The password can be specified in these ways:
Use the
PASSWORD()functionSET old_passwords = 0; SET PASSWORD FOR 'jeffrey'@'localhost' = PASSWORD('123456');
Use the
OLD_PASSWORD()functionUse an already encrypted password string
The following table shows, for each password hashing method, the permitted value of old_passwords and which authentication plugins use the hashing method.
| Password Hashing Method old_passwords | Value Associated | Authentication Plugin |
|---|---|---|
| MySQL 4.1 native hashing | 0 | mysql_native_password |
| Pre-4.1 (“old”) hashing | 1 | mysql_old_password |
| SHA-256 hashing | 2 | sha256_password |