This guide demonstrates how to change a MySQL/MariaDB user's password.
These instructions are specifically for MySQL/MariaDB installations where you have root access to the database server.

This setup was tested on Debian 12 (Bookworm), but it should work on other Linux systems running MySQL or MariaDB.

Password Change Process

To update a user's password, follow these steps:

1. Access MySQL/MariaDB Server

Login to the MySQL server as root:

sudo mysql -u root -p

When prompted, enter your root password. If the root user doesn't have a password, press Enter.

2. List Existing Users

Before changing passwords, verify the user exists and check their host:

SELECT User, Host FROM mysql.user;

The output will look similar to this:

+------------------+-----------+
| User             | Host      |
+------------------+-----------+
| mysql_user       | localhost |
| debian-sys-maint | localhost |
| mysql.session    | localhost |
| mysql.sys        | localhost |
| root             | localhost |
+------------------+-----------+

3. Update User Password

Use the ALTER USER command to change the password:

ALTER USER 'username'@'localhost' IDENTIFIED BY 'new_password';

Replace:

• username with the actual database user
• localhost with the host shown in step 2
• new_password with a strong password

The password change process is immediate - users will need to use the new password for their next connection attempt.

Password Security Guidelines

When updating passwords, consider these security practices:

1. Password Strength Requirements

• Use a combination of letters, numbers, and special characters
• Make the password at least 12 characters long
• Avoid using personal information or dictionary words

2. When to Change Passwords

• If you suspect your password has been compromised
• After detecting suspicious database activity
• When removing access for departed team members
• As part of your regular security maintenance

3. Additional Security Measures

• Limit user privileges to only what's necessary
• Regularly audit user accounts and remove unused ones
• Use different passwords for different database users

Resources

• MySQL Documentation
  • https://dev.mysql.com/doc/refman/8.0/en/alter-user.html
• MariaDB Documentation
  • https://mariadb.com/kb/en/alter-user/
• Online Password Generator
  • https://www.expressvpn.com/password-generator