Chapter 18 Troubleshooting : ­Verifying FortiGate admin access security : Change the admin account name and limit access to this account
  
Change the admin account name and limit access to this account
The default super_admin administrator account, admin, is a well known administrator name so if
this account is available it could be easier for attackers to access the FortiGate unit because
they know they can log in with this name, only having to determine the password. You
can improve security by changing this name to one more difficult for an attacker to guess.
To do this, create a new administrator account with the super_admin admin profile and log in as
that administrator. Then go to System > Admin > Administrators and edit the admin
administrator and change the Administrator name.
Once the account has been renamed you could delete the super_admin account that you just
added. Consider also only using the super-admin account for adding or changing
administrators. The less this account is used to less likely that it could be compromised.
You could also store the account name and password for this account in a secure location in
case for some reason the account name or password is forgotten.