OPTIONS

Change Your Password and Custom Data

Changed in version 2.6.

Overview

Users with appropriate privileges can change their own passwords and custom data. Custom data stores optional user information.

Considerations

To generate a strong password for use in this procedure, you can use the openssl utility’s rand command. For example, issue openssl rand with the following options to create a base64-encoded string of 48 pseudo-random bytes:

openssl rand -base64 48

Prerequisites

To modify your own password or custom data, you must have the changeOwnPassword and changeOwnCustomData actions respectively on the cluster resource.

Procedure

1

Connect with the appropriate privileges.

Connect to the mongod or mongos with your username and current password.

For example, the following operation connects to MongoDB as an authenticated user named manager.

mongo --port 27017 -u manager -p 12345678 --authenticationDatabase admin
2

Verify your privileges.

To check that you have the privileges specified in the Prerequisites section, use the usersInfo command with the showPrivileges option.

The following example operation checks privileges for a user connected as manager:

db.runCommand(
  {
    usersInfo:"manager",
    showPrivileges:true
  }
)

The resulting users document displays the privileges granted to manager.

2

View your custom data.

Connect to the mongod or mongos with your username and current password.

For example, the following operation returns information for the manager user:

db.runCommand( { usersInfo: "manager" } )
3

Change your password and custom data.

Pass your username, new password, and new custom data to the updateUser command.

For example, the following operation changes a user’s password to KNlZmiaNUp0B and custom data to { title: "Senior Manager" }:

db.runCommand(
    { updateUser: "manager",
      pwd: "KNlZmiaNUp0B",
      customData: { title: "Senior Manager" }
    }
)