Changing your Joomla! MySQL database password without a loss of service is done as follows,

1) Open  the existing configuration.php file for Joomla! (found in your web site root) and print or save the details. This gives you a backup copy.

2) Use your cpanel (generally cpanel but there may be other hosting backends to access the MySQL database users) and add a new database user with a suitably strong password. Take care here and observe the cpanel error messages. Unless the password is strong enough it won’t save the values.

3) Assign this new MySQL database user to your existing Joomla database with all privileges.  Thus it is running in parallel with the existing MySQL database user.

4) Now edit the configuration.php file for Joomla! (found in your web site root) and change the two entries,

$db =
$password =

to these new MySQL database user values and then save that file back to the server. Joomla! will now be using this new database user.

5) Then you must verify this is true by going into the administration for Joomla and looking under Site -> Global Configuration ->Server and seeing that the database settings username is the new username.

6) If so then use cpanel to delete the old MySQL username or at  the very least change the password to something new.

Why do it this way – why not just change the MySQL database password ?  Because of timing, you cannot change the MySQL database password and the configuration.php file instantaneously. By adding a new database user that is waiting to be used and then changing Joomla configuration there is no loss of service and you can easily verify that it is working on the new setting by checking the Joomla administration screens.

A third party ideally should not know your MySQL passwords or be able to access your MySQL databases remotely but on shared hosting where there is just one MySQL engine running then any account on that machine can access your databases if they knew the database and username and password details.