Changes the password that is associated with a database role.

Syntax

ALTER ROLE role_name IDENTIFIED BY password
           [REPLACE prev_password]

Description

You can use the ALTER ROLE… IDENTIFIED BY command to change the password if you are a role without the CREATEROLE privilege. If you use an unauthorized role and PASSWORD_VERIFY_FUNCTION is not NULL in the configuration file, you must include the REPLACE clause and previous password. If a non-superuser uses the REPLACE clause, the server compares the provided password with the existing password. If the passwords do not match, an error occurs.

A database superuser can use this command to change the password that is associated with any role. If a superuser includes the REPLACE clause, this clause is ignored and a non-matching value for the previous password does not generate an error.

If the role whose password is to be changed has the SUPERUSER attribute, only a superuser can run the ALTER ROLE… IDENTIFIED BY command. A role with the CREATEROLE attribute can use this command to change the password that is associated with a non-superuser role.

Parameters

ParameterDescription
Parameter Description
role_name The name of the role whose password is to be changed.
password The new password of the role.
prev_password The previous password of the role.

Example

Change the password of the role:

ALTER ROLE john IDENTIFIED BY xyRP35z REPLACE 23PJ74a;