- Reference >
mongo
Shell Methods >- User Management Methods >
- db.changeUserPassword()
db.changeUserPassword()¶
On this page
Definition¶
-
db.
changeUserPassword
(username, password)¶ Updates a user’s password. Run the method in the database where the user is defined, i.e. the database you
created
the user.Field Type Description username
string Specifies an existing username with access privileges for this database. password
string Specifies the corresponding password. writeConcern
document Optional. The level of write concern for the creation operation. The writeConcern
document takes the same fields as thegetLastError
command.
Required Access¶
To modify the password of another user on a database, you must have the
changeAnyPassword
action
on that database.
Behavior¶
Warning
By default, db.changeUserPassword()
sends all specified data to the MongoDB
instance in cleartext. Use TLS transport encryption to protect
communications between clients and the server,
including the password sent by db.changeUserPassword()
. For
instructions on enabling TLS transport encryption, see
Configure mongod and mongos for TLS/SSL.
MongoDB does not store the password in cleartext. The password is only vulnerable in transit between the client and the server, and only if TLS transport encryption is not enabled.
Example¶
The following operation changes the password of the user named
accountUser
in the products
database to SOh3TbYhx8ypJPxmt1oOfL
: