How to Change MySQL Server Password (Linux & Windows Guide 2025)

How to Change MySQL Server Password: A Step-by-Step 2025 Guide

MySQL remains a go-to database system for developers and administrators across the globe. Whether you’re tightening up security, updating login credentials, or recovering access after a lost password, knowing how to change your MySQL password is a must-have skill.

This guide breaks down the most effective ways to update MySQL server passwords — covering root and user accounts on both Linux and Windows systems. Plus, you’ll find troubleshooting tips and security enhancements to help keep your setup protected.

Why Change Your MySQL Password?

Here are a few common scenarios where updating the password becomes necessary:

• Security issues: Compromised credentials, shared logins, or outdated passwords.
• Policy updates: Enforced rotation cycles or new complexity requirements.
• Forgotten access: You’ve lost the current root password.
• Server changes: Post-migration adjustments require fresh credentials.
• User updates: Resetting passwords for other MySQL accounts.

Method 1: Update MySQL Root Password (Linux – MySQL 5.7/8.0+)

Step 1: Log in to MySQL Shell

sudo mysql -u root -p

Enter your current root password when prompted.

Step 2: Change the Root Password

ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'NewSecurePassword@123';
FLUSH PRIVILEGES;
EXIT;

Tip: Swap out NewSecurePassword@123 with your new strong password.

Step 3: Confirm the New Password Works

mysql -u root -p

Log in using your new credentials to verify success.

🛠️ Method 2: Reset Root Password If Forgotten (Linux)

In case the root password is lost, here’s how to recover access:

Step 1: Stop the MySQL Service

sudo systemctl stop mysql

Step 2: Launch MySQL Without Access Control

sudo mysqld_safe --skip-grant-tables &

Step 3: Log in Without a Password

mysql -u root

Step 4: Set a New Root Password

FLUSH PRIVILEGES;
ALTER USER 'root'@'localhost' IDENTIFIED BY 'NewPassword@123';
EXIT;

Step 5: Restart MySQL Normally

sudo systemctl restart mysql

Step 6: Test Login

mysql -u root -p

Method 3: Change MySQL Password on Windows

Step 1: Launch Command Prompt as Admin

Navigate to MySQL’s bin directory. Example:

cd "C:\Program Files\MySQL\MySQL Server 8.0\bin"

Step 2: Run mysqladmin to Change Password

mysqladmin -u root -p password "NewSecurePassword@123"

You’ll be asked for the current password. Once entered, the change is applied.

Method 4: Update Password for a Different User

To update credentials for a user like adminuser, use:

ALTER USER 'adminuser'@'localhost' IDENTIFIED BY 'AdminNewPass#2025';

Just ensure you’re logged in as a user with enough privileges (typically root).

Fixing Common Issues

❗ “Access denied for user ‘root’@’localhost'”

• Double-check you’re entering the right password.
• If locked out, try the --skip-grant-tables method.
• Some systems (like Ubuntu) may use the auth_socket plugin.

Run this to confirm:

SELECT user, host, plugin FROM mysql.user;

To switch back to password auth:

ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'YourPassword';

“ERROR 1820 (HY000): You must reset your password using ALTER USER”

MySQL might flag expired passwords. Fix with:

ALTER USER 'root'@'localhost' IDENTIFIED BY 'NewPassword@123';

Enforce Strong Passwords with validate_password

For stricter password rules, activate the validate_password plugin.

Step 1: Enable the Plugin

INSTALL PLUGIN validate_password SONAME 'validate_password.so';

Step 2: Review Current Policy Settings

SHOW VARIABLES LIKE 'validate_password%';

Step 3: Customize Strength Requirements

SET GLOBAL validate_password.length = 12;
SET GLOBAL validate_password.policy = STRONG;

This ensures future passwords meet complexity guidelines.

Run mysql_secure_installation Post-Install

This setup script helps harden MySQL:

sudo mysql_secure_installation

It walks you through:

• Setting/changing root password
• Removing anonymous accounts
• Blocking remote root logins
• Deleting test databases
• Reloading privileges

MySQL Password Management Best Practices

1. Use complex passwords
   Combine upper/lowercase letters, digits, and symbols.
2. Rotate passwords regularly
   Especially for root or privileged accounts.
3. Avoid overusing root
   Create limited-privilege accounts for daily tasks.
4. Restrict login hosts
   Avoid '%'; prefer 'localhost' or known IPs.
5. Enable logging
   Use general logs or auditing tools to track changes.

Summary

Changing your MySQL password is one of the simplest, yet most effective ways to safeguard your database. Whether you’re running Linux or Windows, MySQL makes it easy to update, recover, and manage user credentials securely.

What You Should Remember:

• Use ALTER USER for MySQL 5.7 and newer.
• mysqladmin offers a quick CLI method.
• Recovery via --skip-grant-tables can save the day.
• validate_password enforces password complexity.
• Follow best practices to avoid future security gaps.

Final Thoughts

Strong database security starts at the login prompt. Managing your MySQL root and user passwords carefully — and regularly — helps keep your system protected. Whether you’re running a single server or managing enterprise clusters, password hygiene isn’t optional — it’s critical.