Help
FortiAuthenticator
FortiAuthenticator provides centralized authentication services for the Fortinet Security Fabric including multi-factor authentication, single sign-on services, certificate management, and guest management.
kjiye
Staff & Editor
Staff & Editor

Created on ‎08-04-2025 11:14 PM

Article Id 404935

Troubleshooting Tip: Admin account set with FortiToken Mobile/FortiToken OTP cannot connect the GUI of the passive node using the HA interface

Description This article describes that if OTP is set for the administrator account, login will fail when connecting to a passive device, even if the OTP is entered manually.
Scope FortiAuthenticator.
Solution

This occurs when FortiAuthenticator is configured in HA (A-P) and OTP is enabled on the administrator account.
Even if the OTP is manually entered on the passive device, login will fail.


The log remains as below:

 

log.png
Authentication failed, cannot update token attribute in database

 

This will be fixed in v6.5.7, v6.6.5, and v6.7.0.
The connection must be successful if the OTP is manually entered into the passive device.
72
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.