CREATE USER
Syntax
CREATE USERTheuser_specification
[,user_specification
] ...user_specification
:user
[IDENTIFIED BY [PASSWORD] 'password
']
CREATE USER
statement creates
new MySQL accounts. To use it, you must have the global
CREATE USER
privilege or the
INSERT
privilege for the
mysql
database. For each account,
CREATE USER
creates a new row in
the mysql.user
table and assigns the account
no privileges. An error occurs if the account already exists.
Each account name uses the format described in Section 6.2.3, “Specifying Account Names”. For example:
CREATE USER 'jeffrey'@'localhost' IDENTIFIED BY 'mypass';If you specify only the user name part of the account name, a host name part of
'%'
is used.
The user specification may indicate how the user should authenticate when connecting to the server:
-
To enable the user to connect with no password (which is
insecure), include no
IDENTIFIED BY
clause:
CREATE USER 'jeffrey'@'localhost';
-
To assign a password, use
IDENTIFIED BY
with the literal plaintext password value:
CREATE USER 'jeffrey'@'localhost' IDENTIFIED BY 'mypass';
-
To avoid specifying the plaintext password if you know its
hash value (the value that
PASSWORD()
would return for the password), specify the hash value preceded by the keywordPASSWORD
:
CREATE USER 'jeffrey'@'localhost' IDENTIFIED BY PASSWORD '*90E462C37378CED12064BB3388827D2BA3A9B689';
Important
CREATE USER
may be recorded in
server logs or in a history file such as
~/.mysql_history
, which means that
cleartext passwords may be read by anyone having read access
to that information. See Section 6.1.2, “Keeping Passwords Secure”.
Important
Some releases of MySQL introduce changes to the structure of
the grant tables to add new privileges or features. Whenever
you update to a new version of MySQL, you should update your
grant tables to make sure that they have the current structure
so that you can take advantage of any new capabilities. See
Section 4.4.8, “mysql_upgrade — Check Tables for MySQL Upgrade”.