db.changeUserPassword(username, password)

Updates a user’s password. Run the method in the database where the user is defined, i.e. the database you created the user.

Parameter Type Description
username string Specifies an existing username with access privileges for this database.
password string Specifies the corresponding password.
mechanism string

Optional. Specifies the authentication mechanism used. Defaults to either:

Changed in version 3.0: In previous version, defaulted to MONGODB-CR.

For available mechanisms, see authentication mechanisms.

digestPassword boolean Optional. Determines whether the server receives digested or undigested password. Set to false to specify undigested password. For use with SASL/LDAP authentication since the server must forward an undigested password to saslauthd.

Required Access

To modify the password of another user on a database, you must have the changeAnyPassword action on that database.


The following operation changes the password of the user named accountUser in the products database to SOh3TbYhx8ypJPxmt1oOfL:

use products
db.changeUserPassword("accountUser", "SOh3TbYhx8ypJPxmt1oOfL")