# SET PASSWORD

## Syntax

```sql
SET PASSWORD [FOR user] =
    {
        PASSWORD('some password')
      | OLD_PASSWORD('some password')
      | 'encrypted password'
    }
```

## Description

The `SET PASSWORD` statement assigns a password to an existing MariaDB user account.

If the password is specified using the [PASSWORD()](https://mariadb.com/docs/server/reference/sql-functions/secondary-functions/encryption-hashing-and-compression-functions/password) or [OLD\_PASSWORD()](https://mariadb.com/docs/server/reference/sql-functions/secondary-functions/encryption-hashing-and-compression-functions/old_password) function, the literal text of the password should be given. If the password is specified without using either function, the password should be the already-encrypted password value as returned by [PASSWORD()](https://mariadb.com/docs/server/reference/sql-functions/secondary-functions/encryption-hashing-and-compression-functions/password).

{% hint style="info" %}
[OLD\_PASSWORD()](https://mariadb.com/docs/server/reference/sql-functions/secondary-functions/encryption-hashing-and-compression-functions/old_password) should only be used if your MariaDB/MySQL clients are very old (< 4.0.0).
{% endhint %}

With no `FOR` clause, this statement sets the password for the current user. Any client that has connected to the server using a non-anonymous account can change the password for that account.

With a `FOR` clause, this statement sets the password for a specific account on the current server host. Only clients that have the `UPDATE` privilege for the `mysql` database can do this. The user value should be given in `user_name@host_name` format, where `user_name` and `host_name` are exactly as they are listed in the User and Host columns of the [mysql.user](https://mariadb.com/docs/server/reference/system-tables/the-mysql-database-tables/mysql-user-table) table (or view in current versions) entry.

The argument to [PASSWORD()](https://mariadb.com/docs/server/reference/sql-functions/secondary-functions/encryption-hashing-and-compression-functions/password) and the password given to MariaDB clients can be of arbitrary length.

## Authentication Plugin Support

`SET PASSWORD` (with or without `PASSWORD()`) works for accounts authenticated via any [authentication plugin](https://mariadb.com/docs/server/reference/plugins/authentication-plugins) that supports passwords stored in the [mysql.global\_priv](https://mariadb.com/docs/server/reference/system-tables/the-mysql-database-tables/mysql-global_priv-table) table.

The [ed25519](https://mariadb.com/docs/server/reference/plugins/authentication-plugins/authentication-plugin-ed25519), [mysql\_native\_password](https://mariadb.com/docs/server/reference/plugins/authentication-plugins/authentication-plugin-mysql_native_password), and [mysql\_old\_password](https://mariadb.com/docs/server/reference/plugins/authentication-plugins/authentication-plugin-mysql_old_password) authentication plugins store passwords in the [mysql.global\_priv](https://mariadb.com/docs/server/reference/system-tables/the-mysql-database-tables/mysql-global_priv-table) table.

If you run `SET PASSWORD` on an account that authenticates with one of these authentication plugins that stores passwords in the [mysql.global\_priv](https://mariadb.com/docs/server/reference/system-tables/the-mysql-database-tables/mysql-global_priv-table) table, then the `PASSWORD()` function is evaluated by the specific authentication plugin used by the account. The authentication plugin hashes the password with a method that is compatible with that specific authentication plugin.

The [unix\_socket](https://mariadb.com/docs/server/reference/plugins/authentication-plugins/authentication-plugin-unix-socket), [named\_pipe](https://mariadb.com/docs/server/reference/plugins/authentication-plugins/authentication-plugin-named-pipe), [gssapi](https://mariadb.com/docs/server/reference/plugins/authentication-plugins/authentication-plugin-gssapi), and [pam](https://mariadb.com/docs/server/reference/plugins/authentication-plugins/authentication-with-pluggable-authentication-modules-pam/authentication-plugin-pam) authentication plugins do **not** store passwords in the [mysql.global\_priv](https://mariadb.com/docs/server/reference/system-tables/the-mysql-database-tables/mysql-global_priv-table) table. These authentication plugins rely on other methods to authenticate the user.

If you attempt to run `SET PASSWORD` on an account that authenticates with one of these authentication plugins that doesn't store a password in the [mysql.global\_priv](https://mariadb.com/docs/server/reference/system-tables/the-mysql-database-tables/mysql-global_priv-table) table, then MariaDB Server will issue an error like the following:

```
SET PASSWORD IS ignored FOR users authenticating via unix_socket plugin
```

{% hint style="info" %}
See [Authentication from MariaDB 10.4](https://mariadb.com/docs/server/security/user-account-management/authentication-from-mariadb-10-4) for an overview of authentication changes in MariaDB.
{% endhint %}

## Passwordless User Accounts

User accounts do not always require passwords to login.

The [unix\_socket](https://mariadb.com/docs/server/reference/plugins/authentication-plugins/authentication-plugin-unix-socket) , [named\_pipe](https://mariadb.com/docs/server/reference/plugins/authentication-plugins/authentication-plugin-named-pipe) and [gssapi](https://mariadb.com/docs/server/reference/plugins/authentication-plugins/authentication-plugin-gssapi) authentication plugins do not require a password to authenticate the user.

The [pam](https://mariadb.com/docs/server/reference/plugins/authentication-plugins/authentication-with-pluggable-authentication-modules-pam/authentication-plugin-pam) authentication plugin may or may not require a password to authenticate the user, depending on the specific configuration.

The [mysql\_native\_password](https://mariadb.com/docs/server/reference/plugins/authentication-plugins/authentication-plugin-mysql_native_password) and [mysql\_old\_password](https://mariadb.com/docs/server/reference/plugins/authentication-plugins/authentication-plugin-mysql_old_password) authentication plugins require passwords for authentication, but the password can be blank. In that case, no password is required.

If you provide a password while attempting to log into the server as an account that doesn't require a password, then MariaDB server will simply ignore the password.

A user account can be defined to use multiple authentication plugins in a specific order of preference. This specific scenario may be more noticeable in these versions, since an account could be associated with some authentication plugins that require a password, and some that do not.

## Example

For example, if you had an entry with User and Host column values of '`bob`' and '`%.loc.gov`', you would write the statement like this:

```sql
SET PASSWORD FOR 'bob'@'%.loc.gov' = PASSWORD('newpass');
```

If you want to delete a password for a user, you would do:

```sql
SET PASSWORD FOR 'bob'@localhost = PASSWORD("");
```

## See Also

* [Password Validation Plugins](https://mariadb.com/docs/server/reference/plugins/password-validation-plugins) - permits the setting of basic criteria for passwords
* [ALTER USER](https://mariadb.com/docs/server/reference/sql-statements/account-management-sql-statements/alter-user)

<sub>*This page is licensed: GPLv2, originally from*</sub> [<sub>*fill\_help\_tables.sql*</sub>](https://github.com/MariaDB/server/blob/main/scripts/fill_help_tables.sql)

{% @marketo/form formId="4316" %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://mariadb.com/docs/server/reference/sql-statements/account-management-sql-statements/set-password.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.