To change a Django user's password in the database, keep in mind that Django stores passwords in a hashed format—you must never set them as plain text directly in the database.

So the correct way to change a user’s password is by using Django’s Shell or its official APIs. Below are the proper methods:

• Method 1: Using Django Shell (Recommended)

  This is the safest and most recommended method.

python manage.py shell

then

from django.contrib.auth.models import User
user = User.objects.get(username='your_username')
user.set_password('new_secure_password')
user.save()

• Method 2: Using the Django Admin Panel

  If you have access to the admin interface:

• Log into Django Admin.

• Go to the "Users" section.

• Select the user you want to update.

• In the "Password" field, click the link that says:
  This form doesn’t display the user’s password, but you can change it using this form.

• Enter the new password and save.

• Incorrect Method: Direct Database Modification

  If you directly modify the password field in the auth_user table, you must use a properly hashed password (e.g., using PBKDF2).
  This is strongly discouraged unless you fully understand Django's hashing mechanism.

  Example of a hashed password:

pbkdf2_sha256$600000$wB4mO...$aUthBa...