MySQLERRORNotableAccess ControlHIGH confidence

GRANT would create a new account but user already exists with a different plugin

Production Risk

Low — the GRANT is rejected; no privilege change occurs.

What this means

A GRANT statement tried to create a user implicitly, but a user with that name already exists and is configured with a different authentication plugin.

Why it happens

1The user already exists with a specific authentication plugin, and the GRANT statement specifies a different plugin or no plugin.

How to reproduce

trigger — this will error

GRANT SELECT ON db.* TO 'user'@'%' IDENTIFIED WITH caching_sha2_password BY 'pass';

expected output

ERROR 1649 (HY000): Account already exists with a different authentication plugin.

Fix

Use ALTER USER to change the authentication plugin separately

ALTER USER 'user'@'%' IDENTIFIED WITH caching_sha2_password BY 'pass';
GRANT SELECT ON db.* TO 'user'@'%';

Why this works

Separating user modification from grant avoids implicit user creation conflicts.

Version notes

Sources

Official documentation ↗

MySQL 8.0 — 1649 ER_GRANT_PLUGIN_USER_EXISTS

Content generated with AI assistance and reviewed for accuracy. Found an error? hello@errcodes.dev

At a glance

PlatformMySQL Error Numbers

Code1649

ClassAccess Control

SeverityERROR

TierNotable

ConfidenceHIGH

← All MySQL errors