Tag: Password Recovery

FortiGate Firewall Admin Credentials lost

August 5, 2014October 20, 2015 · 5 Comments ·

Resetting a lost admin password:

Periodically a situation arises where the FortiGate needs to be accessed or the

Admin account’s password needs to be changed, but no one with the existing

password is available. If you have physical access to the device and a few other

tools then the password can be reset.

Warning:

This procedure will require the reboot of the FortiGate unit.

You need:

• Console cabel

• Terminal software such as Putty.exe (Windows) or Terminal (Mac OS)

• Serial number of the FortiGate device

Step-1: Connect the computer to the firewall via the Console port on the

back of the unit.

In most units this is done either by a Serial cable or a RJ-45 to

Serial cable. There are some units that use a USB cable and

FortiExplorer to connect to the console port.

Console cable

Virtual instances will not have any physical port to connect to so

you will have to use the supplied VM Hosts’ console connection

utility.

Step 2: Start your terminal software.

Step 3: Connect to the firewall using the following:

Step 4:

The firewall should then respond with its name or hostname. (If it

doesn’t try pressing “enter”)

Step 5:

Reboot the firewall. If there is no power button, disconnect the

power adapter and reconnect it after 10 seconds. Plugging in the

power too soon after unplugging it can cause corruption in the

memory in some units.

Step 6:

Wait for the Firewall name and login prompt to appear. The

terminal window should display something similar to the following:

FortiGate-60C (18:52-06.18.2010)

Ver:04000010

Serial number: FGT60C3G10016011

CPU(00): 525MHz

Total RAM: 512 MB

NAND init… 128 MB

MAC Init… nplite#0

Press any key to display configuration menu…

……

reading boot image 1163092 bytes.

Initializing firewall…

System is started.

<name of Fortinet Device> login:

Step 7:
Type in the username:
maintainer

Step 8:

The password is
bcpb + the serial number of the firewall (letters of

the serial number is in UPPERCASE format)

Example:

bcpbFGT60C3G10016011

Note:

On some devices, after the device boots, you have

only 14 seconds or less to type in the username and

password. It might, therefore, be necessary to have the

credentials ready in a text editor, and then copy and paste

them into the login screen. There is no indicator of when

your time runs out so it is possible that it might take more

than one attempt to succeed.

Step 9:

Now you should be connected to the firewall. To change the admin

password you type the following…

In a unit where vdoms are not enabled:

config system admin

edit admin

set password <psswrd>

end

In a unit where vdoms are enabled:

config global

config system admin

edit admin

set password <psswrd>

end

Warning:

Good news and bad news. Some might be worried that there is a backdoor into

the system. The maintainer feature/account is enabled by default, but the better

news is, if you wish, there is an option to disable this feature. The bad news is

that if you disable the feature and lose the password without having someone

Else that can log in as a superadmin profile user, you will be out of options.

If you attempt to use the maintainer account and see the message on the

console, “PASSWORD RECOVERY FUNCTIONALITY IS DISABLED“, this

means that the maintainer account has been disabled.

Disabling the maintainer feature/account

Use the following command in the CLI to change the status of the maintainer

Account

To disable

config system global

set admin-maintainer disable

end

To enable

config system global

set admin-maintainer enable

end

Source: Fortinet

Safer Internet Day 2014

February 13, 2014October 20, 2015 · Leave a comment ·

Safer Internet Day (SID):

Safer Internet Day (SID) is organized by Insafe in February of each year to promote safer and more responsible use of online technology and mobile phones, especially amongst children and young people across the world.

Safer Internet Day 2014 was celebrated on 11 February 2014, with the strapline of “Let’s create a better internet together”. The day was a great success.

Like any observance day, Safer Internet Day also promises lot of opportunities to making the cyber space a very positive and creative tool for each Netizen.

Safer Internet Day was initiated by the European commission and in due time the whole world has embraced the concept and stated observing globally. DISC Foundation (Developing Internet Safe Community) is the formal committee to observe this event in India.

ABOUT SAFER INTERNET DAY:

Over the years, Safer Internet Day (SID) has become a landmark event in the online safety calendar. Starting as an initiative of the EU SafeBorders project in 2004 and taken up by the Insafe network (www.saferinternet.org) as one of its earliest actions in 2005, Safer Internet Day has grown beyond its traditional geographic zone and is now celebrated in more than 100 countries worldwide, and across all continents.

From cyber bullying to social networking, each year Insafe aims to be at the forefront of emerging online issues and chooses a topic reflecting current concerns. For SID 2013 we focused on online rights and responsibilities, as we encouraged users to ‘connect with respect’. For SID 2014, the focus will be on “Let’s create a better internet together“.

Insafe, a network set up within the Safer Internet Programme

In 1999, the European Commission (EC) created the Safer Internet Programme, with the aim of promoting safe, responsible use of the internet by children and young people, and protecting them from illegal and harmful content and conduct online. The programme is managed by the Directorate General for Information, Society and Media and highlights the shared responsibility of NGOs, educational establishments, law enforcement bodies, industry and families in online safety initiatives across the European Union member states. In 2004, the Insafe network was set up to spearhead awareness activities within the Safer Internet Programme.

View the 2014 SID video spot here…

To find out more about Safer Internet Day and how it started, watch this video:

How to protect yourself:

Don’t use your personal information like birth date as your password or user ID
Don’t use, easy security question others can be guessed for password recovery option.
Don’t leave passwords for plain view like notebooks, or on the desktop of your computer.
Don’t use the same password for multiple sites.
Do create a strong password which is more than 8 characters long with a mix of capital letters, numbers and signals.
Do check for the address of the website before you enter your financial information. Often crooks use fake sites with a slightly different domain name to cheat people.
Do stay away from illegal activities like watching pornography. Watching child pornography will invite swift action from the authorities that may land you in prison.
Do not install free unknown software in your computer. The software may be useful for all the purposes it was intended, but it can be a spyware too. Your personal information and data can be sent to distant servers by this kind of spyware.
Above all, be a responsible Netizen. Remember that all the laws which are applicable in the real world are applicable in the cyberspace too. There is no real anonymity for your actions in the internet.

And while SID 2014 have now passed, Safer Internet Day 2015 date is now set for Tuesday, 10 February 2015 – mark the date in your diaries, and keep checking for the latest information.

Wish you all the best and hope

Enjoy your life online, Stay safe, and Stay in control

Source: saferinternetday, saferinternet, saferinternetday.in, discfoundation

What makes a Strong Password

April 3, 2012October 21, 2015 · 2 Comments ·

Use This Infographic to Pick a Good, Strong Password :

There are few things quite as important as choosing a strong password—at least in the area of online security. If you’re looking to beef up your passwords, here are plenty of great tips consolidated into one great image.