Error 1862 means the user password is expired and MySQL forces a change before the session can start.
ER_MUST_CHANGE_PASSWORD_LOGIN (MySQL error 1862) appears when the account password has expired. MySQL blocks the session until the user changes the password with ALTER USER or SET PASSWORD. Logging in with a supported client and resetting the password resolves the issue.
ER_MUST_CHANGE_PASSWORD_LOGIN
MySQL throws ER_MUST_CHANGE_PASSWORD_LOGIN when an account whose password has reached its expiration policy tries to start a session. The server refuses authentication until the password is updated.
The error first appeared in MySQL 5.7.1 and only surfaces when the client library understands the expired-password protocol. Modern versions of mysql, MySQL Shell, and API connectors all trigger it.
The built-in password expiration mechanism marks accounts as expired after a defined number of days. When such an account connects, MySQL sets the password_expired flag and returns error 1862.
Administrators can also expire a password manually with ALTER USER ... PASSWORD EXPIRE, which forces the next login to change the credential.
Connect with a privileged account or the same account using the --connect-expired-password option, then run ALTER USER or SET PASSWORD to assign a new secure password.
After the password is changed, reconnect normally. The error disappears because the password_expired flag is cleared.
Automated scripts that reuse a service account may suddenly fail when the password ages past the default 360-day policy. Updating the password in both MySQL and the script restores service.
Developers cloning production data to staging often copy user tables, including expiration flags. Clearing the flag or resetting the password in the staging environment resolves the unexpected lockout.
Set a predictable PASSWORD EXPIRE INTERVAL and rotate passwords in advance. Monitor accounts where password_expired = 'Y' to catch issues before they block logins.
Use Galaxy collections to store and share the ALTER USER scripts your team relies on, ensuring every engineer can reset credentials quickly from the editor.
ER_PASSWORD_EXPIRE enforces a password change during the session instead of blocking login. ER_ACCESS_DENIED_ERROR appears when authentication fails for reasons other than expiration. Their fixes differ in that only error 1862 needs a direct password reset.
MySQL 5.7+ sets default_password_lifetime to 360 days. After that period, the server marks the password as expired.
DBAs often run ALTER USER ... PASSWORD EXPIRE to force a credential change, immediately triggering error 1862 on next login.
Dump and restore operations copy the mysql.user table, including password_expired flags, causing surprise expirations in new environments.
Prompts for an in-session password change instead of blocking login entirely.
General authentication failure when credentials are wrong or host is not allowed.
Raised when MySQL cannot load the authentication plugin required by the account.
Yes. Set the global variable default_password_lifetime = 0 and restart or persist it to disable automatic expiration.
The service account password likely hit its expiration threshold. Reset the password and update the script configuration.
Log in as a user with ALTER USER privilege, then run ALTER USER 'target'@'host' IDENTIFIED BY 'NewPwd';
Galaxy lets teams store vetted ALTER USER statements in shared collections, making it easy for engineers to rotate credentials before they expire.
.avif)
.avif){kind=logo}
