Summary: in this tutorial, you will learn how to use the mysql CREATE user, DROP USER statement to create a new user or remove one or more user accounts from the database server.
1. How To Create User Accounts Using MySQL CREATE USER Statement
MySQL CREATE USER syntax
The CREATE USER statement creates a new user in the database server.
Here is the basic syntax of the CREATE USER statement:
CREATE USER [IF NOT EXISTS] account_name
IDENTIFIED BY 'password';
In this syntax:
First, specify the account name after the CREATE USER keywords. The account name has two parts: username and hostname, separated by the @ sign:
username@hostname
The username is the name of the user. And hostname is the name of the host from which the user connects to the MySQL Server.
The hostname part of the account name is optional. If you omit it, the user can connect from any host.
An account name without a hostname is equivalent to:
username@%
If the username and hostname contains special characters such as space or -, you need to quote the username and hostname separately as follows:
'username'@'hostname'
Besides the single quote ('), you can use backticks ( `) or double quotation mark ( ").
Second, specify the password for the user after the IDENTIFIED BY keywords.
The IF NOT EXISTS option conditionally create a new user only if it does not exist.
Note that the CREATE USER statement creates a new user without any privileges. To grant privileges to the user, you use the GRANT statement.
MySQL CREATE USER example
First, connect to the MySQL Server using the mysql client tool:
mysql -u root -pEnter the password for the root account and press Enter:
Enter password: ********Second, show users from the current MySQL Server:
mysql> select user from mysql.user;Here is the output:
+------------------+
| user |
+------------------+
| mysql.infoschema |
| mysql.saession |
| mysql.sys |
| root |
+------------------+ Third, create a new user called bob:
mysql> create user bob@localhost identified by 'Secure1pass!';
Fourth, show all users again:
mysql> select user from mysql.user;
The output will be:
+------------------+
| user |
+------------------+
| bob |
| mysql.infoschema |
| mysql.session |
| mysql.sys |
| root |
+------------------+
5 rows in set (0.00 sec)The user bob has been created successfully.
Fifth, open a second session and log in to the MySQL as bob:
mysql -u bob -pInput the password for bob and press Enter:
Enter password: ********Sixth, show the databases that bob has access:
mysql> show databases;Here is the list of databases that bob can access:
+--------------------+
| Database |
+--------------------+
| information_schema |
+--------------------+
1 row in set (0.01 sec)Seventh, go to the session of the user root and create a new database called bobdb:
mysql> create database bobdb;
Eight, select the database bobdb:
mysql> use bobdb;
Ninth, create a new table called lists:
mysql> create table lists(
-> id int auto_increment primary key,
-> todo varchar(100) not null,
-> completed bool default false);
Notice that when you press Enter, instead of showing the mysql> command, the mysql tool shows the -> that accepts new clause of the statement.
Tenth, grant all privileges on the bobdb to bob:
mysql> grant all privileges on bobdb.* to bob@localhost;Note that you will learn how to grant privileges to a user in the GRANT tutorial.
Eleventh, go to the bob’s session and show databases:
mysql> show databases;
Now, bob can see the bobdb:
+--------------------+
| Database |
+--------------------+
| bobdb |
| information_schema |
+--------------------+
2 rows in set (0.00 sec)Twelfth, select the database bobdb:
mysql> use bobdb;
Thirteenth, show the tables from the bobdb database:
mysql> show tables;
The user bob can see the lists table:
+-----------------+
| Tables_in_bobdb |
+-----------------+
| lists |
+-----------------+
1 row in set (0.00 sec)Fourteenth, insert a row into the lists table:
mysql> insert into lists(todo) values('Learn MySQL');
Fifteenth, query data from the lists table:
mysql> select * from lists;
This is the output:
+----+-------------+-----------+
| id | todo | completed |
+----+-------------+-----------+
| 1 | Learn MySQL | 0 |+----+-------------+-----------+
1 row in set (0.00 sec) So the user bob can do everything in the bobdb database.
Finally, disconnect from the MySQL Server from both sessions:
mysql> exit2. Introduction to MySQL DROP USER statement
To remove a user account from the MySQL Server, you use the DROP USER statement as follows:
DROP USER account_name;
In this syntax, you specify the name of the user account that you want to remove after the DROP USER keywords.
If you want to remove multiple user accounts at once, you specify a list of comma-separated user accounts in the DROP USER clause:
DROP USER account_name [,account_name2]...If you remove a user account that doesn’t exist, MySQL will issue an error.
In MySQL 5.7.8+, you can use the IF EXISTS clause to conditionally drop a user only if it exists:
DROP USER [IF EXISTS] account_name [,account_name2]...;
Besides removing the user account, the DROP USER statement also removes all privileges of the user from all grant tables.
MySQL DROP USER examples
Let’s take some examples of dropping users.
A) Using MySQL DROP USER statement to drop a user example
First, connect to the MySQL Server using the root account:
mysql -u root -pType the password for the root user and press Enter:
Enter password: ********Second, create four account users accounts api@localhost, remote, dbadmin@localhost and alice@localhost:
mysql> create user api@localhost, remote, dbadmin@localhost, alice@localhost identified by 'Secure1Pass!';Third, show users from the MySQL Server:
mysql> select user, host from mysql.user;Here is the current user list:
+------------------+-----------+
| user | host |
+------------------+-----------+
| remote | % |
| alice | localhost |
| api | localhost |
| bob | localhost |
| dbadmin | localhost |
| mysql.infoschema | localhost |
| mysql.session | localhost |
| mysql.sys | localhost |
| root | localhost |
+------------------+-----------+
9 rows in set (0.00 sec)Fourth, drop the user dbadmin@localhost by using the DROP USER statement:
mysql> drop user dbadmin@localhostFifth, show all users again:
mysql> select user, host from mysql.user;
+------------------+-----------+
| user | host
+------------------+-----------+
| remote | % |
| alice | localhost |
| api | localhost |
| bob | localhost |
| mysql.infoschema | localhost |
| mysql.session | localhost |
| mysql.sys | localhost |
| root | localhost |
+------------------+-----------+
8 rows in set (0.00 sec)The user account dbadmin@localhosthas been removed successfully.
B) Using MySQL DROP USER to drop multiple user accounts at once
First, remove two user accounts api@localhost and remote using the following statement:
mysql> drop user api@localhost, remote;
Second, show users from the current database:
mysql> select user, host from mysql.user;
Here is the output:
+------------------+-----------+
| user | host |
+------------------+-----------+
| alice | localhost |
| bob | localhost |
| mysql.infoschema | localhost |
| mysql.session | localhost |
| mysql.sys | localhost |
| root | localhost |
+------------------+-----------+
6 rows in set (0.00 sec)C) Using MySQL DROP USER to drop a connected user
First, create a new database called people:
mysql> create database people;Second, select the people database:
mysql> use people;Third, create a new table persons in the people database:
mysql> create table persons(
-> id int auto_increment,
-> firstName varchar(100) not null,
-> lastName varchar(100) not null,
-> primary key(id));Fourth, grant all privileges on the people database to the account user alice:
mysql> grant all privileges on people.* to alice@localhost;Fifth, launch another session and connect to the database using the user alice@localhost:
mysql -u alice -pType the password for the user account alice and press the Enter key:
Enter password: ************Sixth, select the people database:
mysql> use people;Seventh, insert a row into the persons table:
mysql> insert into persons(firstname, lastname) values('John','Doe');Suppose that you want to drop the user alice@localhost.
However, the user account alice@localhost is still connected to MySQL Server. If you drop a currently connected user, the user can operate as normal until the next login. In this case, you should inform the user first.
If you cannot do so, you can kill user sessions first before dropping the user account.
Eighth, use the SHOW PROCESSLIST statement from the root’s session to find the id of the connection:
+----+-----------------+-----------------+--------+---------+-------+------------------------+------------------+
| Id | User | Host | db | Command | Time | State | Info |
+----+-----------------+-----------------+--------+---------+-------+------------------------+------------------+
| 4 | event_scheduler | localhost | NULL | Daemon | 31803 | Waiting on empty queue | NULL |
| 20 | root | localhost:63851 | NULL | Query | 0 | starting | show processlist |
| 21 | alice | localhost:64060 | people | Sleep | 14 | | NULL |
+----+-----------------+-----------------+--------+---------+-------+------------------------+------------------+As you see, the user account alice@localhost has the connection id id 21.
Ninth, terminate process 21 by using the KILL statement:
KILL 21;
The user account alicereceived an error message if he/she issue any query:
ERROR 2013 (HY000): Lost connection to MySQL server during queryFinally, execute the DROP USER statement to remove the user account alice@localhost.
DROP USER alice@localhost;In this tutorial, you have learned how to use the MySQL CREATE USER, DROP USER to create a new user and remove one or more user accounts in the database server.
