Rename default admin account in Fortinet appliances
A good practice to enhance firewall security is to rename the default administrator account of the box. On FortiGate, the default administrator username is admin. If you leave it as ‘admin’, an attacker already knows the username, and the leftover part of a brute-force attack, cracking the password, is just a piece of cake.
You need to complete these steps from the command line. The best way to manage Fortinet devices is over SSH or a serial terminal. If you need help connecting to a Fortinet box using a serial terminal, click here.
Fortinet will prevent you from changing the account you are currently logged in with. I assume that you are logged in as the default “admin”. You cannot rename “admin” to “yourname” while you are logged in as “admin”; that's reasonable, isn't it?
- So, the first step is to create a new administrator account.
- The next step is to log in using the new account.
- The final step is to run the rename command from the new account to change “admin” to something else.
Create new administrator account on Fortinet
Do these steps while you are already in privilege mode (logged in as “admin”):
CUSTOMER_FW01# config system admin
CUSTOMER_FW01(admin) # edit newadmin
new entry 'newadmin' added
CUSTOMER_FW01(newadmin) # set password Myn3w-password
CUSTOMER_FW01(newadmin) # set accprofile super_admin
CUSTOMER_FW01(newadmin) # end
CUSTOMER_FW01# exit
Auto backup config … login.c-__config
CUSTOMER_FW01login: newadmin
Password: **************
Welcome !
CUSTOMER_FW01#
Rename Fortinet default “admin”
To rename your Fortinet default “admin”, follow these steps:
CUSTOMER_FW01 # config system admin
CUSTOMER_FW01 (admin) # rename admin to nimda
CUSTOMER_FW01 (admin) #
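To confirm the rename across many devices, you can check configuration backups for an account still named "admin". The script below is an added example, not part of the original article; the function names are hypothetical and the sample backup is constructed, assuming the usual `config` / `edit` / `next` / `end` layout of a FortiGate backup file.

```python
import re

# Constructed sample of a FortiGate configuration backup (not from a real device).
SAMPLE_BACKUP = '''\
config system global
    set hostname "CUSTOMER_FW01"
end
config system admin
    edit "nimda"
        set accprofile "super_admin"
        config gui-dashboard
            edit 1
                set name "Status"
            next
        end
    next
    edit "newadmin"
        set accprofile "super_admin"
    next
end
'''

def list_admins(config_text):
    """Return {account name: accprofile} from the 'config system admin' table."""
    admins, depth, in_table, current = {}, 0, False, None
    for raw in config_text.splitlines():
        line = raw.strip()
        if line.startswith("config "):
            depth += 1                      # nested tables raise the depth
            if depth == 1:
                in_table = (line == "config system admin")
        elif line == "end":
            depth -= 1
            if depth == 0:
                in_table = False
        elif in_table and depth == 1:       # ignore entries of nested tables
            m = re.match(r'edit "?([^"]+)"?$', line)
            if m:
                current = m.group(1)
                admins[current] = None
            elif line == "next":
                current = None
            else:
                m = re.match(r'set accprofile "?([^"]+)"?$', line)
                if m and current:
                    admins[current] = m.group(1)
    return admins

def default_admin_present(config_text):
    """True if an account literally named 'admin' still exists."""
    return "admin" in list_admins(config_text)
```

Run `default_admin_present()` on the text of each backup; a `True` result means that device still has the default account name.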