Changing the password in MongoDB for existing user

Question

I have production environment where my mongoDB is up and running and DBAs are asking us to change the password which we use for authentication. One way to do this is run the addUser command again with a new password as described in change password

> db.auth("app_user", "somepassword")
db.addUser("app_user", "new password")

This is as good as a adding a new user.

I understand that I have to restart mongod with the --auth option once I add a new user as described in but as this is a production env and I can't restart my server. Is there any other option ? or if my approach is wrong how to change the password in mongoDB

You only would need to restart if you were going from no auth to auth - you have no need to restart. — Asya Kamsky
– Asya Kamsky, Commented Apr 30, 2013 at 15:13
Apparently you also need to restart when adding/updating users to a non auth mongod (yes its still possible to authenticate users on specific database) — Benoit
– Benoit, Commented Nov 25, 2016 at 15:13

db80 · Accepted Answer · 2017-04-25 08:42:12Z

31

MongoDB > 3.X

db.updateUser("root", {pwd: "NewRootAdmin" })

Reference: https://docs.mongodb.com/manual/reference/method/db.updateUser/

edited Apr 25, 2017 at 8:42

answered Dec 22, 2016 at 15:46

db80

4,4471 gold badge41 silver badges39 bronze badges

Sign up to request clarification or add additional context in comments.

Comments

Asya Kamsky · Accepted Answer · 2013-05-18 21:26:32Z

25

For v2.4

db.changeUserPassword("app_user", "new password")

https://groups.google.com/d/msg/mongodb-user/KkXbDCsCfOs/rk2_h-oSbAwJ https://jira.mongodb.org/browse/DOCS-1515

edited May 18, 2013 at 21:26

Asya Kamsky

42.4k5 gold badges113 silver badges133 bronze badges

answered May 17, 2013 at 18:07

Gabriel

1,7833 gold badges18 silver badges40 bronze badges

Comments

Asya Kamsky · Accepted Answer · 2013-04-30 15:16:01Z

1

You linked to a question asking about adding authentication to MongoDB which involves starting 'mongod' with option --auth. Since you are already running with --auth the restart is not necessary in your scenario.

Just change the user password and you'll be set to go.

answered Apr 30, 2013 at 15:16

Asya Kamsky

42.4k5 gold badges113 silver badges133 bronze badges

4 Comments

Srivatsa N Over a year ago

Thanks Asya, but is it the only way to change the password ? "adduser" is somewhat misleading.

Asya Kamsky Over a year ago

I agree it's not the best command name but addUser will create user if they don't exist or change their password if they do exist.

UpTheCreek Over a year ago

As of 2.4 this doesn't seem to work anymore JavaScript execution failed: User already exists with that username/userSource combination

Gabriel Over a year ago

@Asya using the 2.2 syntax gives "uncaught exception: couldn't add user: system.users entry must not have both 'roles' and 'readOnly' fields"

ivanleoncz · Accepted Answer · 2019-05-23 02:34:49Z

1

Starting of Mongodb 4.0, you have to use db.updateUser(), setting passwordDigestor key as "server", when updating the user password:

https://dba.stackexchange.com/questions/238847/cant-update-user-password-on-mongodb-4-0-5-use-of-scram-sha-256-requires-undig

answered May 23, 2019 at 2:34

ivanleoncz

10.3k7 gold badges62 silver badges53 bronze badges

Comments

Krunal · Accepted Answer · 2021-06-29 12:24:45Z

1

If you have an old password and you want to change the password then user mongo --username <USERNAME> and then use db.changeUserPassword("<USERNAME>", passwordPrompt()) .

answered Jun 29, 2021 at 12:24

Krunal

9382 gold badges10 silver badges34 bronze badges

Collectives™ on Stack Overflow

Changing the password in MongoDB for existing user

5 Answers 5

Comments

Comments

4 Comments

Comments

Comments

Your Answer

Linked

Hot Network Questions

Collectives™ on Stack Overflow

5 Answers 5

Comments

Comments

4 Comments

Comments

Comments

Your Answer

Sign up or log in

Post as a guest

Linked

Related