Changing the password in MongoDB for existing user

Question

I have production environment where my mongoDB is up and running and DBAs are asking us to change the password which we use for authentication. One way to do this is run the addUser command again with a new password as described in change password

> db.auth("app_user", "somepassword")
db.addUser("app_user", "new password")

This is as good as a adding a new user.

I understand that I have to restart mongod with the --auth option once I add a new user as described in but as this is a production env and I can't restart my server. Is there any other option ? or if my approach is wrong how to change the password in mongoDB

You only would need to restart if you were going from no auth to auth - you have no need to restart. — Asya Kamsky, Apr 30 '13 at 15:13
Apparently you also need to restart when adding/updating users to a non auth mongod (yes its still possible to authenticate users on specific database) — Benoit, Nov 25 '16 at 15:13

db80 · Answer 1 · 2017-04-25T08:42:12.717

25

MongoDB > 3.X

db.updateUser("root", {pwd: "NewRootAdmin" })

Reference: https://docs.mongodb.com/manual/reference/method/db.updateUser/

edited Apr 25 '17 at 08:42

answered Dec 22 '16 at 15:46

db80

4,157
1
38
38

score 24 · Accepted Answer · edited May 18 '13 at 21:26

24

For v2.4

db.changeUserPassword("app_user", "new password")

https://groups.google.com/d/msg/mongodb-user/KkXbDCsCfOs/rk2_h-oSbAwJ https://jira.mongodb.org/browse/DOCS-1515

edited May 18 '13 at 21:26

Asya Kamsky

41,784
5
109
133

answered May 17 '13 at 18:07

Gabriel

1,679
3
16
37

score 1 · Answer 3 · answered Apr 30 '13 at 15:16

1

You linked to a question asking about adding authentication to MongoDB which involves starting 'mongod' with option --auth. Since you are already running with --auth the restart is not necessary in your scenario.

Just change the user password and you'll be set to go.

answered Apr 30 '13 at 15:16

Asya Kamsky

41,784
5
109
133

1

Thanks Asya, but is it the only way to change the password ? "adduser" is somewhat misleading. – Srivatsa N May 02 '13 at 03:31
1

I agree it's not the best command name but addUser will create user if they don't exist or change their password if they do exist. – Asya Kamsky May 02 '13 at 16:02
As of 2.4 this doesn't seem to work anymore `JavaScript execution failed: User already exists with that username/userSource combination` – UpTheCreek May 07 '13 at 06:32
@Asya using the 2.2 syntax gives "uncaught exception: couldn't add user: system.users entry must not have both 'roles' and 'readOnly' fields" – Gabriel May 17 '13 at 17:27

score 1 · Answer 4 · answered May 23 '19 at 02:34

Starting of Mongodb 4.0, you have to use db.updateUser(), setting passwordDigestor key as "server", when updating the user password:

https://dba.stackexchange.com/questions/238847/cant-update-user-password-on-mongodb-4-0-5-use-of-scram-sha-256-requires-undig

score 1 · Answer 5 · answered Jun 29 '21 at 12:24

1

If you have an old password and you want to change the password then user mongo --username <USERNAME> and then use db.changeUserPassword("<USERNAME>", passwordPrompt()) .

answered Jun 29 '21 at 12:24

Krunal

938
2
10
33

Changing the password in MongoDB for existing user

5 Answers5

Linked