The default administrator account, named
admin, initially has no password.
Unlike other administrator accounts, the
admin administrator account exists by default and cannot be deleted. The
admin administrator account is similar to a root administrator account. This administrator account always has full permission to view and change all FortiWeb configuration options, including viewing and changing all other administrator accounts. Its name and permissions cannot be changed.
Before you connect the FortiWeb appliance to your overall network, you should configure the
admin account with a password to prevent others from logging in to the FortiWeb and changing its configuration.
|Set a strong password for the
- Go to System > Admin > Administrators.
To access this part of the web UI, your administrator's account access profile must have Read and Write permission to items in the Admin Users category. For details, see Permissions.
- In the row corresponding to the
adminadministrator account, mark its check box.
- Click Change Password.
- In the Old Password field, do not enter anything. In its default state, there is no password for the
- In the New Password field, enter a password with sufficient complexity and number of characters to deter brute force attempts and other attacks.
- In the Confirm Password field, enter the new password again to confirm its spelling.
- Click OK.
- Click Logout.
|If you have configured Password Policy in System > Admin > Settings, follow the settings when entering the new password.|
FortiWeb logs you out. To continue using the web UI, you must log in again. The new password takes effect the next time that
admin administrator account logs in.
Enter the following commands:
config system admin
set password <new-password_str> ''
<new-password_str> is the password for the administrator account named
FortiWeb logs you out. To continue working in the CLI, you must log in again using the new password.
|If you have configured