The ALTER USER command is used to modify a user’s account attributes, including roles, passwords, and password policies, etc.

    About and password_policy, Please refer to CREATE USER.

    ACCOUNT_UNLOCK is used to unlock a locked user.

    In an ALTER USER command, only one of the following account attributes can be modified at the same time:

    1. Change password
    2. Modify PASSWORD_HISTORY
    3. Modify PASSWORD_EXPIRE
    4. Modify and PASSWORD_LOCK_TIME
    5. Unlock users

    1. Change the user’s password

      1. ALTER USER jack@‘%’ IDENTIFIED BY "12345";

    2. Modify the user’s password policy

      1. ALTER USER jack@'%' FAILED_LOGIN_ATTEMPTS 3 PASSWORD_LOCK_TIME 1 DAY;

    3. Unlock a user

    1. ALTER, USER

    1. Modify the role

      If the user previously belonged to role A, when the user role is modified, all permissions corresponding to role A on the user will be revoked first, and then all permissions corresponding to the new role will be granted.

      Note that if the user has been granted a certain permission before, and role A also includes this permission, after modifying the role, the individually granted permission will also be revoked.

      Suppose roleA has the privilege: select_priv on db1.*, create user user1 and set the role to roleA.

      Then give the user this privilege separately:

      roleB has the privilege alter_priv on db1.tbl1. At this time, modify the role of user1 to B.

      Then finally user1 has alter_priv on db1.tbl1 and load_priv on db1.* permissions.

    2. Modify the password policy

      1. Modify FAILED_LOGIN_ATTEMPTS or will unlock the user.