Recover access to your Sophos UTM in the event of password loss

  • Article ID: 115346
  • Rating:
  • 77 customers rated this article 3.8 out of 6
  • Updated: 11 Nov 2014

If you have forgotten all passwords for accessing the WebAdmin (i.e., the 'admin' account) and/or the UTM console user accounts (i.e., 'loginuser' and root) there is still a way to regain access.

This article explains how you can regain access to the WebAdmin if you have been locked out or go further and fully reset the different console users' passwords.

Known to apply to the following Sophos product(s) and version(s)

Sophos UTM

Operating systems
V7, V8, V9

What To Do

Reset WebAdmin password

If you cannot login to the WebAdmin with the 'admin' account but you know the password for root and have either direct access to the UTM or can connect to the UTM with SSH follow steps one to five below.  Otherwise see the section 'Reset all passwords' below.

  1. Either go to the actual UTM or connect via SSH.
  2. Login using the root account/su to root.
  3. Type: cc
  4. Type: RAW
  5. Type: system_password_reset

The next attempt to access the WebAdmin will show the 'Admin password setup' screen where you can enter a new password for the 'admin' account as show in the screenshot below.

Reset all passwords

On UTM 120 hardware appliances, or software appliances where it is not possible to login to the console (when the passwords are missing), it is still possible to reset the passwords if you have direct physical access to the UTM.

Note: On a hardware appliance you must connect a keyboard and monitor to the UTM in order to interrupt the boot sequence.

  1. Shutdown the UTM.
  2. Ensure both a monitor and a keyboard are connected the UTM.
  3. Power on the UTM, wait until the GRUB boot loader starts...

    ...and then press the ‘Esc’ key before the short timeout expires.
  4. Highlight (do not press enter/return and use only the arrow keys) the version of software the UTM is running that does not mention either 'previous' or 'rescue'. In the screenshot below the 'Sophos UTM 9.1' item is highlighted.
  5. Press the 'e' key on the keyboard.
  6. Highlight (again do not press enter) the second option in the list shown on screen that starts with the word 'kernel'.
  7. Press the 'e' key on the keyboard.
  8. Type: init=/bin/bash
  9. Press enter and wait for the screen to reload.
  10. Press the 'b' key on the keyboard. The UTM will boot up.
  11. Type: passwd loginuser
  12. Enter and re-enter a new password for the 'loginuser' account.
  13. Type: passwd root
  14. Enter and re-enter a new password for the root account.
    Note: Steps 11 to 14 are shown in the screenshot below.
  15. Press Ctrl+Alt+Del on the keyboard. The UTM will reboot.
  16. Login as root with the newly set password and reset the password for the WebAdmin's 'admin' account as shown below.
  17. Connect to the WebAdmin as normal (refresh the browser to clear any previous connection if required).
  18. Set a new password for the 'admin' account.

You now have access to the WebAdmin and have reset the console user accounts' passwords.

Local network is missing in the 'allowed networks' of the WebAdmin

If you cannot get to the WebAdmin login page, the allowed networks may have changed.  You can change the allowed networks with the following commands.

  1. Type: cc
  2. Type: webadmin
  3. Type: allowed_networks@
  4. Type: =['REF_NetworkAny']

If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent