MongoDB what are the default user and password?
MongodbMongodb Problem Overview
I am using the same connection string on local and production.
When the connection string is mongodb://localhost/mydb
What is the username and password? Is it secure to keep it this way?
Mongodb Solutions
Solution 1 - Mongodb
By default mongodb has no enabled access control, so there is no default user or password.
To enable access control, use either the command line option --auth
or security.authorization configuration file setting.
You can use the following procedure or refer to Enabling Auth in the MongoDB docs.
Procedure
-
Start MongoDB without access control.
mongod --port 27017 --dbpath /data/db1
-
Connect to the instance.
mongo --port 27017
-
Create the user administrator.
use admin db.createUser( { user: "myUserAdmin", pwd: "abc123", roles: [ { role: "userAdminAnyDatabase", db: "admin" } ] } )
-
Re-start the MongoDB instance with access control.
mongod --auth --port 27017 --dbpath /data/db1
-
Authenticate as the user administrator.
mongo --port 27017 -u "myUserAdmin" -p "abc123" \ --authenticationDatabase "admin"
Solution 2 - Mongodb
In addition with what @Camilo Silva already mentioned, if you want to give free access to create databases, read, write databases, etc, but you don't want to create a root role, you can change the 3rd step with the following:
use admin
db.createUser(
{
user: "myUserAdmin",
pwd: "abc123",
roles: [ { role: "userAdminAnyDatabase", db: "admin" },
{ role: "dbAdminAnyDatabase", db: "admin" },
{ role: "readWriteAnyDatabase", db: "admin" } ]
}
)
If you have already created the user, you can update the user as follows:
First log on:
mongo --port 27017 -u "myUserAdmin" -p "abc123" \
--authenticationDatabase "admin"
The add permissions:
use admin
db.grantRolesToUser(
"myUserAdmin",
[ { role: "userAdminAnyDatabase", db: "admin" },
{ role: "dbAdminAnyDatabase", db: "admin" },
{ role: "readWriteAnyDatabase", db: "admin" } ]
)
Solution 3 - Mongodb
For MongoDB earlier than 2.6, the command to add a root user is addUser
(e.g.)
db.addUser({user:'admin',pwd:'<password>',roles:["root"]})
Solution 4 - Mongodb
In addition to previously provided answers, one option is to follow the 'localhost exception' approach to create the first user if your db is already started with access control (--auth
switch). In order to do that, you need to have localhost access to the server and then run:
mongo
use admin
db.createUser(
{
user: "user_name",
pwd: "user_pass",
roles: [
{ role: "userAdminAnyDatabase", db: "admin" },
{ role: "readWriteAnyDatabase", db: "admin" },
{ role: "dbAdminAnyDatabase", db: "admin" }
]
})
As stated in MongoDB documentation:
> The localhost exception allows you to enable access control and then create the first user in the system. With the localhost exception, after you enable access control, connect to the localhost interface and create the first user in the admin database. The first user must have privileges to create other users, such as a user with the userAdmin or userAdminAnyDatabase role. Connections using the localhost exception only have access to create the first user on the admin database.
Here is the link to that section of the docs.
Solution 5 - Mongodb
mongod --bind_ip_all --auth
use this command after modifying the .conf file:
network interfaces
net:
port: 27017
bindIp: 127.0.0.1,mongodb_server_ip
Solution 6 - Mongodb
Go to mongo in your instance
mongo
use admin
db.createUser({user:"Username", pwd:"Password", roles:[{role:"root", db:"admin"}]})