Note:
Beginning with FortiOS v7.2.4, the maintainer account has been removed. As a result, this password reset method is no longer supported.

Refer to the FortiOS v7.2.4 Release Notes: Changes in default behavior.

To reset the admin account password using the maintainer account, it is necessary to power cycle the secondary unit, then follow the steps indicated in Technical Tip: Resetting a lost admin password.

HA status will show 'out-of-sync' for a while as the output below, but it will be 'in-sync' after it successfully synchronizes the admin's password.

# get system ha status
.
.
FGXXXXXXXXX(updated 3 seconds ago): in-sync
FGXXXXXXXXX(updated 0 seconds ago): out-of-sync

HA checksum will be mismatched on 'global' since the admin account belongs to the global configuration as shown in the output below. The checksum will match once the admin password is successfully synchronized across the cluster.

# diagnose sys ha checksum cluster

================== FGXXXXXXXXX ==================

is_manage_primary()=1, is_root_primary()=1
debugzone
global: 75 85 ac 22 21 c9 5c c9 31 bb 96 e4 43 0d cb d4
root: 74 1f 84 68 8e 7b d5 b0 ff 65 5c 70 bb 99 15 a8
all: 81 20 d1 6b 41 30 d5 b6 37 dd 53 ed 86 96 b7 78

checksum
global: 75 85 ac 22 21 c9 5c c9 31 bb 96 e4 43 0d cb d4
root: 74 1f 84 68 8e 7b d5 b0 ff 65 5c 70 bb 99 15 a8
all: 81 20 d1 6b 41 30 d5 b6 37 dd 53 ed 86 96 b7 78

================== FGXXXXXXXXX ==================

is_manage_primary()=0, is_root_primary()=0
debugzone
global: ab d7 a4 7d f1 2c ff 3b 45 08 c7 93 9c ad 85 e0
root: 74 1f 84 68 8e 7b d5 b0 ff 65 5c 70 bb 99 15 a8
all: 2c 1b 85 97 92 71 3d cf 87 85 51 b9 e3 da 12 51

checksum
global: ab d7 a4 7d f1 2c ff 3b 45 08 c7 93 9c ad 85 e0
root: 74 1f 84 68 8e 7b d5 b0 ff 65 5c 70 bb 99 15 a8
all: 2c 1b 85 97 92 71 3d cf 87 85 51 b9 e3 da 12 51

Log description as shown in the screenshot below: