6.2.14 Assigning Account Passwords

Required credentials for clients that connect to the MySQL server can include a password. This section describes how to assign passwords for MySQL accounts.

MySQL stores credentials in the user table in the mysql system database. Operations that assign or modify passwords are permitted only to users with the CREATE USER privilege, or, alternatively, privileges for the mysql database (INSERT privilege to create new accounts, UPDATE privilege to modify existing accounts). If the read_only system variable is enabled, use of account-modification statements such as CREATE USER or ALTER USER additionally requires the CONNECTION_ADMIN privilege (or the deprecated SUPER privilege).

The discussion here summarizes syntax only for the most common password-assignment statements. For complete details on other possibilities, see Section 13.7.1.3, “CREATE USER Statement”, Section 13.7.1.1, “ALTER USER Statement”, and Section 13.7.1.10, “SET PASSWORD Statement”.

MySQL uses plugins to perform client authentication; see Section 6.2.17, “Pluggable Authentication”. In password-assigning statements, the authentication plugin associated with an account performs any hashing required of a cleartext password specified. This enables MySQL to obfuscate passwords prior to storing them in the mysql.user system table. For the statements described here, MySQL automatically hashes the password specified. There is also syntax for CREATE USER and ALTER USER that permits hashed values to be specified literally. For details, see the descriptions of those statements.

To assign a password when you create a new account, use CREATE USER and include an IDENTIFIED BY clause:

CREATE USER 'jeffrey'@'localhost' IDENTIFIED BY 'password';

CREATE USER also supports syntax for specifying the account authentication plugin. See Section 13.7.1.3, “CREATE USER Statement”.

To assign or change a password for an existing account, use the ALTER USER statement with an IDENTIFIED BY clause:

ALTER USER 'jeffrey'@'localhost' IDENTIFIED BY 'password';

If you are not connected as an anonymous user, you can change your own password without naming your own account literally:

ALTER USER USER() IDENTIFIED BY 'password';

To change an account password from the command line, use the mysqladmin command:

mysqladmin -u user_name -h host_name password "password"

The account for which this command sets the password is the one with a row in the mysql.user system table that matches user_name in the User column and the client host from which you connect in the Host column.

Warning

Setting a password using mysqladmin should be considered insecure. On some systems, your password becomes visible to system status programs such as ps that may be invoked by other users to display command lines. MySQL clients typically overwrite the command-line password argument with zeros during their initialization sequence. However, there is still a brief interval during which the value is visible. Also, on some systems this overwriting strategy is ineffective and the password remains visible to ps. (SystemV Unix systems and perhaps others are subject to this problem.)
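The following is an added example, not part of the MySQL manual: a small audit helper that scans recorded command lines (shell history, process-execution logs) for mysql and mysqladmin invocations that put a password in the argument list, as the warning above describes. It assumes that a password command with no value after it makes mysqladmin prompt, and it also flags the -pVALUE and --password=VALUE connection options; the function names and the sample lines are constructed for illustration.

```python
import shlex

# Options whose value is the next argument, so that value is not a command.
TAKES_VALUE = {"-u", "-h", "-P", "-S"}

def exposed_password_args(cmdline):
    """Return reasons a mysql/mysqladmin command line exposes a password in argv.

    Reasons never include the password value itself.
    """
    try:
        argv = shlex.split(cmdline)
    except ValueError:              # unbalanced quotes in a log line
        argv = cmdline.split()
    if not argv or argv[0].rsplit("/", 1)[-1] not in ("mysql", "mysqladmin"):
        return []
    is_admin = argv[0].endswith("mysqladmin")
    findings, i, args = [], 0, argv[1:]
    while i < len(args):
        arg = args[i]
        if arg in TAKES_VALUE:
            i += 2                  # skip the option and its value
            continue
        if arg.startswith("--password=") and arg != "--password=":
            findings.append("connection password in --password=")
        elif arg.startswith("-p") and len(arg) > 2:
            findings.append("connection password attached to -p")
        elif is_admin and arg == "password":
            # A bare 'password' command prompts; a following value is exposed.
            if i + 1 < len(args) and not args[i + 1].startswith("-"):
                findings.append("new password given after 'password' command")
                i += 1
        i += 1
    return findings

def scan(lines):
    """Return (line_number, reasons) for each line with an exposed password."""
    return [(n, r) for n, line in enumerate(lines, 1)
            if (r := exposed_password_args(line))]

# Constructed sample input (not real history or audit data).
SAMPLE = [
    'mysqladmin -u user_name -h host_name password "password"',
    "mysqladmin -u root -p password",
    "/usr/bin/mysqladmin -uroot -pS3cret status",
    "mysqladmin -u password -h db1 status",
    "ps aux",
]

if __name__ == "__main__":
    for lineno, reasons in scan(SAMPLE):
        print(lineno, "; ".join(reasons))
```

A new password that begins with a hyphen is not detected by this helper, because it is indistinguishable from an option without knowledge of the full option set.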

If you are using MySQL Replication, be aware that, currently, a password used by a replica as part of a CHANGE REPLICATION SOURCE TO statement (from MySQL 8.0.23) or CHANGE MASTER TO statement (before MySQL 8.0.23) is effectively limited to 32 characters in length; if the password is longer, any excess characters are truncated. This is not due to any limit imposed by MySQL Server generally, but rather is an issue specific to MySQL Replication.