Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor III

default admin account

friends good day
One question: For security reasons we have to remove all admin accounts from fortigate.




However, the following is displayed on the dashboard:




It is observed that the admin account is associated with the ip, which is a local host.

Would deleting the admin account have any impact?

New Contributor III

Thanks for answering, so it doesn't generate any impact by deleting that account? since in the second image it is displayed that the IP associated with the admin account appears. And from what I understand, that IP is a local host.

Esteemed Contributor III

Actually, from some point of 6.0.x, you can delete "admin" admin user directly without renaming it to something else. We do that all the time to virtually all FGTs we install for our customers. No particular side effect I'm aware of.

Just need to create a new admin user, then re-login in to it with the new user name. Then you can remove the "admin".


config sys admin

   edit "new-admin"

     set accprofile "super_admin"

     set password <whaterver_the_password_is>





Then login with "new_admin".


config sys admin

  delete admin





Hi @unknown1020 



In Foritgate you can rename or delete an admin account without any bad consequences whatsoever.

Here is how to do it on CLI of the FortiGate.

1) Before diving into the config, you may want to know a few facts about the procedure:

2) You cannot rename/delete the admin user while logged in with it.

3) You have to create first another user privileged enough (super_admin) to make changes to admin. This way Fortigate prevents you from locking yourself out of the management.

4) Just renaming the admin does NOT alter its password, so you can still log in with the existing one.

5)You can rename the user back to admin if you want to, i.e. the renaming is reversible.

6) If you delete admin, you can later create a new user named admin again.




- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

Esteemed Contributor III

First, you are currently logged in as 'admin'. Your sessions are shown in the screenshot.

As long as you are logged in, you cannot remove the account.

Create a new administrative account with profile 'super_admin', log out, log in as the new user and delete the 'admin' account.

This will have no adverse effects whatsoever.

Second, what you observe is sessions to '', not ''. The first is the 'localhost' address, that is, the PC you are currently logged in to. The second is indeed a private address of a LAN which is unknown to you (no wonder). So in short, this is perfectly OK.


"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
Top Kudoed Authors