From 5a45563f1bd8580fbd2d9e2a708e047142f689be Mon Sep 17 00:00:00 2001
From: Arthur Passos <arthur.ti@outlook.com>
Date: Fri, 26 Jul 2024 14:36:58 -0300
Subject: [PATCH] add note about downgrading

---
 docs/en/sql-reference/statements/alter/user.md  | 4 +++-
 docs/en/sql-reference/statements/create/user.md | 6 ++++--
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/docs/en/sql-reference/statements/alter/user.md b/docs/en/sql-reference/statements/alter/user.md
index 959f98b0db1..9c581655a3c 100644
--- a/docs/en/sql-reference/statements/alter/user.md
+++ b/docs/en/sql-reference/statements/alter/user.md
@@ -69,7 +69,9 @@ Adds new authentication methods to the user while keeping the existing ones:
 ALTER USER user1 ADD IDENTIFIED WITH plaintext_password by '1', bcrypt_password by '2', plaintext_password by '3'
 ```
 
-Note: `no_password` can not co-exist with other authentication methods for security reasons.
+Note:
+1. Older versions of ClickHouse might not support the syntax of multiple authentication methods. Therefore, if the ClickHouse server contains such users and is downgraded to a version that does not support it, such users will become unusable and some user related operations will be broken. In order to downgrade gracefully, one must set all users to contain a single authentication method prior to downgrading. Alternatively, if the server was downgraded without the proper procedure, the faulty users should be dropped. 
+2. Note: `no_password` can not co-exist with other authentication methods for security reasons.
 Because of that, it is not possible to `ADD` a `no_password` authentication method. The below query will throw an error:
 
 ``` sql
diff --git a/docs/en/sql-reference/statements/create/user.md b/docs/en/sql-reference/statements/create/user.md
index 8bfd9f2797b..0329cf0655a 100644
--- a/docs/en/sql-reference/statements/create/user.md
+++ b/docs/en/sql-reference/statements/create/user.md
@@ -150,8 +150,10 @@ In ClickHouse Cloud, by default, passwords must meet the following complexity re
    CREATE USER user1 IDENTIFIED WITH plaintext_password by '1', bcrypt_password by '2', plaintext_password by '3''
    ```
 
-Note: `no_password` can not co-exist with other authentication methods for security reasons. Therefore, you can only specify
-`no_password` if it is the only authentication method in the query.
+Note:
+1. Older versions of ClickHouse might not support the syntax of multiple authentication methods. Therefore, if the ClickHouse server contains such users and is downgraded to a version that does not support it, such users will become unusable and some user related operations will be broken. In order to downgrade gracefully, one must set all users to contain a single authentication method prior to downgrading. Alternatively, if the server was downgraded without the proper procedure, the faulty users should be dropped.
+2. `no_password` can not co-exist with other authentication methods for security reasons. Therefore, you can only specify
+`no_password` if it is the only authentication method in the query. 
 
 ## User Host