Starting with FortiOS 7.2.4 the "maintainer" account was removed, meaning this method to reset a password will no longer work.
FortiOS 7.2.4 - Release Notes - Changes in default behavior
"Remove the maintainer account (which allowed users to log in through the console after a hard reboot). Users who lose their password must have physical access to the FortiGate and perform a TFTP restore of the firmware in order to regain access to the FortiGate."
If having access to the firewall with another 'super_admin' and want to reset the 'admin' account password which have been lost/forgotten, follow the below steps:
set accprofile "super_admin"
set vdom "root"
Restore the config from the existing logged-in 'super_admin', after reboot it will prompt to set the password, and it is possible to set the new password.
Once logged into the FortiGate with the maintainer account (as described below), if the FortiGate is running FortiOS 6.0.3 or later, enter the execute factoryreset command to return the FortiGate to its default configuration.
This can be useful if the admin administrator account is deleted.
In newer versions of the BIOS, expect some changes to the behavior of the maintainer account. These changes will include:
Connect the computer to the firewall via the Console port on the back of the unit.
In most units, this is done either by a Serial cable or an RJ-45 to Serial cable. There are some units that use a USB cable and FortiExplorer to connect to the console port.
Resetting a lost admin password for the VM-s using the maintainer account is not possible.
In this case, reverting to a snapshot or re-provisioning the VM and restoring the configuration (without a password for the admin account) is the only solution.
Start the terminal software.
Connect to the firewall using the following:
The firewall should then respond with its name or hostname. (If it does not, try pressing 'enter').
Reboot the firewall.