Secure MongoDB with Username and Password

  • Post author:
  • Post category:MongoDB
  • Post last modified:May 9, 2024
  • Reading time:6 mins read
You are currently viewing Secure MongoDB with Username and Password

How to secure or enable MongoDB authentication with a username and password? Significantly, one of the most basic security measures that can be taken with MongoDB is to set up username and password authentication. In this article, we will walk through the steps necessary to secure MongoDB with username and password authentication.

Advertisements

1. Enable Authentication in MongoDB with Secure Username & password

The first step in securing or enabling MongoDB with a username and password is to start datbase with authentication enabled. To do this, open a command prompt as an administrator. Then, navigate to the bin directory of the MongoDB installation folder by providing the following command. My MongoDB is installed at C:\Program Files\MongoDB with version 6.0 hence, I used the below commands.


# Navigation to bin directory
cd "C:\Program Files\MongoDB\Server\6.0\bin"

After that, start the mongod process with the --auth command-line option by specifying the following command, which will start the MongoDB server with authentication enabled.


# Initiating mongod process
mongod --auth

2. Create an Administrative User in the MongoDB shell

The subsequent step is to establish an administrative user to control the MongoDB server. Bydefault, the user will have the root role, which gives them full administrative access to all databases and collections. Now, to create an administrative user, open the mongosh shell by issuing the following command.


# Open mongosh shell
mongosh

This will open the MongoDB shell, which allows us to interact with the MongoDB server. Next, we connected to the MongoDB server by using the following command which will connect to the MongoDB server running on the default host and port.


# Connection to server
mongo

Then, switched to the admin database where administrative users are stored by typing the following command on the console.


# Switch to admin database
user admin

After that, creat the user & password by using the createUser query of MongoDB. Here, we have set the username and the password with the user database we want to secure. The query will create a new user with the root role in the admin database. The root role gives the user full administrative access to all databases and collections.

#Creating admin user
db.createUser({
  user: "MongoUser",
  pwd: "User123",
  roles: ["root"]
})

The query will return the output like this upon successful creation.

mongodb username and password

3. Restart MongoDB to Enabling Authentication

Next up is to restore MongoDB with authentication turned on. To make the changes from the prior step effective, this is required. All we have to do is, exit the mongosh shell by typing the following command.


# Exit the mongosh shell
exit

Afterward, we stopped the mongod process by typing Ctrl+C in the command prompt where it is running and start the mongod process again with the --auth command-line option by running the following command. The command will open the MongoDB server with authentication enabled.


# Opening MongoDB server
mongod --auth

4. Access MongoDB with a Username and Password

Finally, we can connect to MongoDB with a username and password at this stage. This will ensure that only authorized users can access the MongoDB server. For this, we have opened the MongoDB shell and then execute the following command.


#Connection to MongoDB
mongo --username MongoUser --password User123 --authenticationDatabase admin

The --authenticationDatabase option specifies the database that contains the user’s credentials. We can now interact with the MongoDB server regularly once we’re connected.

Here we verified that authentication is working properly by attempting to perform a privileged operation. For example, we listed the users in the admin database by using the following command.


# List users
db.getUsers()

There, we can see the user MongoUser with the details.

secure username and password in MongoDB

As we can see a list of the users in the admin database, including the MongoUser user we created earlier which means that authentication is working properly.

5. Conclusion

In this article I have explained how to secure MongoDB with a username and password step-by-step. Securing MongoDB with username and password authentication is a crucial step in protecting our data. By following the steps outlined in this article, you can enable authentication on the MongoDB server.

Additional details about this topic can be found here.