If we forgot a password for the user admin on our SFR module, we will find ourselves in a problem, sooner or later. We don’t have to know this password in a regular operations, but for troubleshooting purposes, we cannot live without it. So, as long as we have access to our ASA firewall, the procedure is straight forward.
From the ASA we issue a command:
session sfr do password-reset
It is as simple as this.
Now, some articles say that this does not work. Well, it does, but we have to have in mind that this sets admin password to the platform default, which on 6.2.0 is Admin123. For other platforms it could be something else, so this is something we have to have in mind. What is the default password can be found in the documentation.
Once we have a password set to the default, we need to set something that works for us. We need to connect to the SFR console session and change the password:
webvpn-BN-DR/sec/actNoFailover#
webvpn-BN-DR/sec/actNoFailover# session sfr console
Opening console session with module sfr.
Connected to module sfr. Escape character sequence is ‘CTRL-^X’.Authorized users only! Any access to this system is monitored!
sfr-bn-DR login: admin
Password: Admin123 (not displayed while typing)
>> configure password
Enter current password: Admin123
Enter new password:
Confirm new password:>
And now we can log in to the module through the ASA or directly via SSH.
If this does not work for some reason, we can re-image the module. Here we can find out how.
Thanks for reading.
popravak 
Almost 1 year passed, you have not written any new firepower blog. Request to write blogs on FTD. Your blogs are perfect and easy to learn.
Really sorry about that. Been very bussy lately. Hope to catch up soon 🙂
Hello, your articles save me TAC time and frustration.
Thank you.
What are the command line options for session sfr do? I can’t find much documentation either.