Syntax:

REVOKE
priv_type [(column_list)]
[, priv_type [(column_list)]] ...
ON [object_type] priv_level
FROM user [, user] ...

REVOKE ALL PRIVILEGES, GRANT OPTION

FROM user [, user] ...

REVOKE PROXY ON user

FROM user [, user] ...

The REVOKE statement enables system administrators to revoke privileges

from MySQL accounts. Each account name uses the format described in
https://mariadb.com/kb/en/create-user#account-names. For example:

REVOKE INSERT ON *.* FROM 'jeffrey'@'localhost';

If you specify only the user name part of the account name, a host name
part of '%' is used.

For details on the levels at which privileges exist, the permissible

priv_type and priv_level values, and the syntax for specifying users
and passwords, see [HELP GRANT]

To use the first REVOKE syntax, you must have the GRANT OPTION
privilege, and you must have the privileges that you are revoking.

To revoke all privileges, use the second syntax, which drops all
global, database, table, column, and routine privileges for the named
user or users:

REVOKE ALL PRIVILEGES, GRANT OPTION FROM user [, user] ...

To use this REVOKE syntax, you must have the global CREATE USER
privilege or the UPDATE privilege for the mysql database.

URL: https://mariadb.com/kb/en/revoke/

Syntax:
SET PASSWORD [FOR user] =
{
PASSWORD('cleartext password')
| OLD_PASSWORD('cleartext password')
| 'encrypted password'
}

The SET PASSWORD statement assigns a password to an existing MySQL user

account. When the read_only system variable is enabled, the SUPER
privilege is required to use SET PASSWORD, in addition to whatever
other privileges might be required.

If the password is specified using the PASSWORD() or OLD_PASSWORD()

function, the cleartext (unencrypted) password should be given as the
argument to the function, which hashes the password and returns the
encrypted password string. If the password is specified without using
either function, it should be the already encrypted password value as a
literal string. In all cases, the encrypted password string must be in
the format required by the authentication method used for the account.

The old_passwords system variable value determines the hashing method

used by PASSWORD(). If you specify the password using that function and
SET PASSWORD rejects the password as not being in the correct format,
it may be necessary to set old_passwords to change the hashing method.
For descriptions of the permitted values, see
https://mariadb.com/kb/en/server-system-variables#old_passwords.

With no FOR user clause, this statement sets the password for the
current user. (To see which account the server authenticated you as,
invoke the CURRENT_USER() function.) Any client who successfully
connects to the server using a nonanonymous account can change the
password for that account.

With a FOR user clause, this statement sets the password for the named
user. You must have the UPDATE privilege for the mysql database to do
this. The user account name uses the format described in
https://mariadb.com/kb/en/create-user#account-names. The user
value should be given as 'user_name'@'host_name', where 'user_name' and
'host_name' are exactly as listed in the User and Host columns of the
mysql.user table row. (If you specify only a user name, a host name of
'%' is used.) For example, to set the password for an account with User
and Host column values of 'bob' and '%.example.org', write the
statement like this:

SET PASSWORD FOR 'bob'@'%.example.org' = PASSWORD('cleartext password');

URL: https://mariadb.com/kb/en/set-password/