1132
MariaDB | ERROR | Notable | Security | HIGH confidence

Must have privileges to update tables in the mysql database

Production Risk

Low — operation is denied; no change is made.

What this means

ER_PASSWORD_NOT_ALLOWED (1132, SQLSTATE HY000) is raised when a user attempts to change another user's password without having the necessary privileges (UPDATE on mysql.user or the CREATE USER privilege).

Why it happens
  1. Non-privileged user attempting to change another user's password
  2. User lacks UPDATE privilege on the mysql system schema
How to reproduce
trigger — this will error
-- As non-root user:
ALTER USER 'other_user'@'localhost' IDENTIFIED BY 'newpass';

expected output

ERROR 1132 (HY000): You must have privileges to update tables in the mysql database to be able to change passwords for other users

Fix

Grant the appropriate privilege or use a root/admin account

When: a password change for another user is required.

-- As root:
ALTER USER 'other_user'@'localhost' IDENTIFIED BY 'newpass';
-- Or grant the privilege:
GRANT CREATE USER ON *.* TO 'admin'@'localhost';

Why this works

The CREATE USER privilege allows managing other users' credentials without full root access.

What not to do

Grant UPDATE on mysql.* to application users

Granting direct UPDATE access to mysql.* allows the application to manipulate all user accounts and privileges.
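
The following audit query is an added example, not taken from the original page or from the MariaDB/MySQL documentation. It lists every account that can currently change other users' passwords, either through CREATE USER or through UPDATE reaching the mysql schema at global, schema or table scope; the column alias granted_on is chosen for this example.

```sql
-- Added audit example: who can change other users' passwords?
-- Reads only information_schema views. Run it as an administrative account;
-- less privileged accounts see only their own grants in these views.

-- Global scope: CREATE USER, or UPDATE ON *.* (which also covers the mysql schema)
SELECT GRANTEE, PRIVILEGE_TYPE, '*.*' AS granted_on
FROM information_schema.USER_PRIVILEGES
WHERE PRIVILEGE_TYPE IN ('CREATE USER', 'UPDATE')

UNION ALL

-- Schema scope: UPDATE ON mysql.*
-- Schema names in grants are LIKE patterns (for example `my%`), so test
-- whether the stored pattern matches 'mysql' instead of comparing for equality.
SELECT GRANTEE, PRIVILEGE_TYPE, CONCAT(TABLE_SCHEMA, '.*')
FROM information_schema.SCHEMA_PRIVILEGES
WHERE PRIVILEGE_TYPE = 'UPDATE'
  AND 'mysql' LIKE TABLE_SCHEMA

UNION ALL

-- Table scope: UPDATE on an individual table inside the mysql schema
SELECT GRANTEE, PRIVILEGE_TYPE, CONCAT(TABLE_SCHEMA, '.', TABLE_NAME)
FROM information_schema.TABLE_PRIVILEGES
WHERE PRIVILEGE_TYPE = 'UPDATE'
  AND TABLE_SCHEMA = 'mysql'

ORDER BY GRANTEE, granted_on;
```

Any application account that appears in the result holds more than it needs for normal data access and is a candidate for REVOKE.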

Sources
Official documentation

MySQL 8.0 — 1132 ER_PASSWORD_NOT_ALLOWED

Content generated with AI assistance and reviewed for accuracy. Found an error? hello@errcodes.dev
