Prerequisites:

1. FortiGate is connected and managed in FortiGate Cloud and the connectivity status is up.
2. FortiCloud Premium subscription.

Procedure:

To remove the two-factor authentication on a FortiGate with FortiGate Cloud paid subscription, follow these steps:

1. From the FortiGate Cloud page, go to Management from the left side menu -> Script and select Add.
   

2. Once the Add Script prompt appears, enter the Script Name and the CLI script to remove the two-factor authentication. Once done, select 'OK'.

config system admin

    edit "admin"
         unset two-factor
    next
end

If multi-vdom is enabled on the FortiGate, use the following script instead:

config global
    config system admin
        edit "admin"
            unset two-factor
        next
    end

3. From the FortiGate Cloud Assets List View page, select the gear icon below the 'Action' column and select 'Run Script'

4. Select the script name from the drop-down menu. It is possible to execute the script immediately by selecting 'Immediate' or setting a schedule to run the script. Select 'Submit'.

If there are no errors in the script, it will take effect immediately or on the scheduled date and time.

Related articles:
Technical Tip: Recover access to FortiGate via FortiCloud
Technical Tip: Reset FortiGate admin password via FortiGate Cloud