FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 278938
Description This article describes how to stop users from bypassing the FortiAuthenticator agent login option and using default logins.
Scope FortiAuthenticator Agent.

When the Two-factor authentication using the FortiAuthenticator agent is enabled, it can let bypass it by using the local credentials instead of logging in using Fortiauthenticator.

If this issue is faced and to disable the option for logging using the default login option, in the FortiAuthenticator Agent, go to Credential Provider Options, as shown in the image below:




The Permit Built-in Password Providers are turned on by default.

To stop the built-in login option, disable this option.

After disabling, it will not be possible to login using the default option and it will only use the FortiAuthenticator login option.