批改用户
批改用户须要有全局的创立用户权限、或零碎 mysql 数据库的更新权限。
# 批改以后登录的用户的明码
ALTER USER USER() IDENTIFIED BY 'auth_string';
# 批改指定用户的明码
ALTER USER 'jeffrey'@'localhost' IDENTIFIED BY 'password';
# 批改以后用户的明码并对现有明码进行验证,验证失败不会批改
ALTER USER 'jeffrey'@'localhost' IDENTIFIED BY 'password' REPLACE 'current_password';
# 批改指定用户的属性
ALTER USER 'bill'@'localhost' ATTRIBUTE '{"baz":"faz","foo":"moo"}';
# 删除指定用户的某个属性
ALTER USER 'bill'@'localhost' ATTRIBUTE '{"foo": null}';
# 批改指定用户的 comment 属性
ALTER USER 'bill'@'localhost' COMMENT 'Something about Bill';
# 批改指定用户的 comment 属性为空字符串
ALTER USER 'bill'@'localhost' COMMENT '';
# 删除指定用户的 comment 属性
ALTER USER 'bill'@'localhost' ATTRIBUTE '{"comment": null}';
# 将用户的明码标记为过期,下次登录必须批改
ALTER USER 'jeffrey'@'localhost' IDENTIFIED BY 'new_password' PASSWORD EXPIRE;
# 批改用户的角色,角色不须要存在
ALTER USER 'joe'@'10.0.0.1' DEFAULT ROLE administrator, developer;
# 批改指定用户的明码
SET PASSWORD FOR 'jeffrey'@'localhost' = 'auth_string';
# 批改以后登录用户的明码,不须要任何权限
SET PASSWORD = 'auth_string';
锁定用户
帐户锁定状态记录在零碎表 mysql.user
的 account_locked
列中。
ALTER USER 'jeffrey'@'localhost' ACCOUNT LOCK;
ALTER USER 'jeffrey'@'localhost' ACCOUNT UNLOCK;
# 查看用户的锁定信息
SHOW CREATE USER user
应用锁定的用户登录,会提醒以下内容:
Access denied for user 'user_name'@'host_name'.
Account is locked.