This article shows you the new behavior of the admin user accounts on the USG FLEX / ATP series, which has changed from FW version 5.10.
The first change is, that we implemented to change your admin password after every firmware update to secure your device. When you login after Firmware update, you will be asked to change your password:
This function can not be disabled and is required after each Firmware Update.
The second Part which has been changed is the separation of the admin users under Configuration -> Object -> User/Group -> User. Here you find now a section for local admin user and "normal" users:
In the section of local administrator, you will find the pre defined admin user which is already "Built-In" as default admin user.
You can add additional admin users, go to Configuration -> Object -> User/Group -> User and add a user name and a password:
When you add additional admin users, you will see the creation date (which will not changed for the default admin user) and when the password has been changed the last time and when the next change is scheduled.
You can use as well the 2FA for admin user after creation of the admin user:
You need to add a email address or an mobile number to the user. For more information please check:
Two Factor Authentication with Google Authenticator for Admin Access
Two-Factor Authentication (per Mail) on Zywall/USG
In the list of all users you will see the Password Expiry Date, which has been set to 180 days in the default configuration. You can change the amount of days under Configuration -> Object -> User/Group -> Setting (maximum is one year):
As usual, you can put several users in one User Group:
Go to Configuration -> Object -> User/Group -> Group and add a new group or change a existing one:
(Be aware that the built in admin user can not be added into a group, but you can put all manual added users in one group)