How do I change a user's password in Oracle?

alter user <user> identified by <password>;

Expanding the @Randy answer, you also can use the following (undocumented) sentence to set a password without knowing the real one:

alter user <user> identified by values '<encrypted password>';

You can get the encryped values for passwords on PASSWORD column on the table DBA_USERS. Its nice, for instance to migrate a database to another one and copy the password without knowing it. The password owner have not to be disturbed.

In some scenarios (for example, if password complexity verification function has been enabled) you have to use the following one:

alter user <user> identified by '<newpassword>' replace '<currentpassword>';

As reference, you can check in the Oracle® Database SQL Reference the ALTER USER command, and the INDENTIFIED BY clause.

The downside of using the alter user command to change a password is that the command (and the password) is transmitted in clear text over the network.

If you are not using any other methods to ensure a secure connection (ssh, Oracle advanced security, etc.) I would advise to instead use the password command.

Since Oracle 8 you have the option to use password user_name or passw user_name

SQL> passw scott
Changing password for scott
New password:
Retype new password:
Password changed

There is a post by Pete Finnigan about this topic.

It's pretty much what Randy said. If you need some other commands, try going to http://www.ss64.com/ora/. There's a nice list of command divided in categories such as cluster, users and you can find pretty much anything you need by browsing around that website.