For each account,
expires its password. For example:
ALTER USER 'jeffrey'@'localhost' PASSWORD EXPIRE;
The account name uses the format described in
Section 6.2.3, “Specifying Account Names”. If you specify only the user
name part of the account name, a host name part of
'%' is used.
Password expiration for an account affects the corresponding row
mysql.user table: The server sets the
password_expired column to
After an account's password has been expired, all operations
performed in subsequent connections to the server using the
account result in an error until the user issues a
SET PASSWORD statement to
establish a new account password:
SELECT 1;ERROR 1820 (HY000): You must SET PASSWORD before executing this statement mysql>
SET PASSWORD = PASSWORD('Query OK, 0 rows affected (0.01 sec) mysql>
SELECT 1;+---+ | 1 | +---+ | 1 | +---+ 1 row in set (0.00 sec)
This restricted mode of operation also permits
SET statements, which is
useful if the account password uses a hashing format that
old_passwords to be
set to a value different from its default.
It is also possible for an administrative user to reset the account password, but any existing connections for the account remain under restriction. Clients using the account must disconnect and reconnect before statements can be executed successfully.
It is possible after password expiration to “reset”
a password by using
to set it to its current value. As a matter of good policy, it
is preferable to choose a different password.
As of MySQL 5.7.3, it is not possible to expire the password
for anonymous-user accounts. This constraint is imposed
because an anonymous user cannot execute
SET PASSWORD to reset the