Fortigate - Ensure default admin usernames are not used

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Ensure the default admin username is not used. The default super_admin administrator account, admin, is a well known administrator name so if this account is available it could be easier for attackers to access the FortiGate unit because they know they can log in with this name, only having to determine the password. You can improve security by changing this name to one more difficult for an attacker to guess.

Solution

To do this, create a new administrator account with the super_admin admin profile and log in as that administrator. Then go to System > Admin > Administrators and Edit the admin administrator and change the Administrator name.
Once the account has been renamed you could delete the super_admin account that you just added. Consider also only using the super-admin account for adding or changing administrators. The less this account is used to less likely that it could be compromised. You could also store the account name and password for this account in a secure location in case for some reason the account name or password is forgotten.

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-2

Plugin: FortiGate

Control ID: b41322d58e9efd5281ca96c63a8effeea4e8e274d6eecdaa7fa95a049edd6235