lolcreds

Public credential defaults and exposure patterns for authorized security testing.

Fortinet FortiGate / FortiOS

Fortinetnetwork5 credentials1 default credential

Credentials5 documented
01

Initial Administrator Login

fortinet-fortigate / initial-admin-login

FortiGate appliances use a local admin account for first login and management. Fortinet getting-started documentation describes signing in with username admin and no password before the operator sets a password.

static defaultuser definedsecretusername/password

Default credentials

admin

Location

public interface
FortiGate GUI, console, SSH, and REST API

Initial and ongoing administrative login surfaces

config file

system admin configuration in FortiOS configuration exports

artifact

device backups and FortiManager/FortiGate configuration archives

Notes

The blank-password initial state is only for first access/new deployments and should be changed immediately; many appliances and managed deployments require or enforce a changed password.

02

Local Administrator Password

fortinet-fortigate / local-admin-password

FortiOS local administrators are configured under config system admin. Passwords may appear as encrypted set passwd or password material in configuration backups.

user definedsecretusername/password

Looks like

pattern
pattern

FortiOS table entry for a local admin; nearby set passwd line carries the password hash/encoded value

^\s*edit\s+"?[^"]+"?\s*$
pattern

FortiOS encrypted administrator password line in config system admin

^\s*set\s+passwd\s+ENC\s+\S+

Location

config file

config system admin in FortiOS configuration

public interface
FortiGate GUI / SSH / CLI / API

Management surfaces accepting administrator credentials

secret store

password managers, FortiManager managed secrets, and deployment vaults

artifact

configuration backups and support bundles

03

REST API Administrator Token

fortinet-fortigate / rest-api-admin-token

FortiGate REST API administrators use API keys/tokens for automation access. Tokens are supplied to the FortiOS API and inherit the configured API administrator profile.

generated on installuser definedsecrettoken

Location

http header
Authorization

Bearer token or API-token header material used by FortiOS REST API clients

config file

automation scripts, Ansible inventory, Terraform provider config, and .env files

environment
FORTIOS_ACCESS_TOKEN, FORTIGATE_TOKEN, FGT_TOKEN
secret store

CI/CD variables and automation secret stores

source code

network automation repositories and tests

logs

API client traces and failed request logs

Notes

FortiOS API tokens provide administrative API access according to the associated API administrator profile and trusthost restrictions.

04

IPsec VPN Pre-Shared Key

fortinet-fortigate / vpn-psk

FortiGate phase1-interface and related VPN objects can contain IPsec pre-shared keys used to authenticate VPN peers.

user definedsecretsecret value

Looks like

pattern
pattern

encrypted IPsec PSK in FortiOS configuration

^\s*set\s+psksecret\s+ENC\s+\S+
pattern

plaintext or exported PSK line in a VPN phase1 context

^\s*set\s+psksecret\s+"?[^"\r\n]+"?$

Location

config file

vpn ipsec phase1-interface / phase1 FortiOS configuration

artifact

configuration backups, support bundles, and migration exports

source code

network-as-code and VPN provisioning templates

05

SNMP / RADIUS / TACACS+ Shared Secrets

fortinet-fortigate / snmp-and-aaa-secrets

FortiOS stores SNMP community strings and AAA server shared secrets for monitoring and centralized authentication.

user definedsecretsecret value

Looks like

pattern
pattern

SNMP community string line in FortiOS config

^\s*set\s+community\s+"?[^"\r\n]+"?$
pattern

encrypted RADIUS/TACACS+/LDAP-related shared secret in FortiOS config

^\s*set\s+secret\s+ENC\s+\S+

Location

config file

system snmp community and user radius/tacacs/ldap server configuration

artifact

FortiGate configuration backups and FortiManager exports

source code

monitoring and AAA provisioning templates

Scope

Authorized use

LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.