Be very carful if you change phone ( iPhone) No backup of FortiToken app- token possible and no way to get back in. Since you can’t get back in you have to format the device LOCALY.. support can’t do anything about it. I had the previous phone and tried to restore it without results. 2FA is a double swords if you are not very careful. Solution? Have 2FA on 2 different user-device OR make sure you disable it before changing phones.
No for Fortinet it would be good practice to allow back up for tokens somewhere…
Currently, it is a limitation in FortiGate wherein, the 2FA activated for the Admin user cannot be transferred to another device or could be reset.
As you mentioned, it needs to be disabled first or have another Admin user with 2FA enabled. Another way out is, to have an Admin account with 2FA however with super complex password as this can be used as back up in such cases.
Also, to mention, this has been escalated internally as feature request to have reset function available. It might be made available in future versions or in near future.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.