sa account

when MS SQL is installed, the sa account is create with full admin permissions on all databases (there are on install, only four, so i am thinking that it is in the model database as the default owner for new dbs? or as part of server admin?).

WIndows authentication disables the sa account and changes the password.  If the account is enabled in mixed mode,, you could be compromised by a brute force or dictionary attack.  The Window accounts would presumably turn off after three/five attempts and make a brute force less forceful.  

You can rename sa in the GUI or t-sql

ALTER LOGIN sa WITH NAME = richard

you can disable it in the GUI (SSMS) or via t-sql

ALTER LOGIN sa DISABLE
ALTER LOGIN sa ENABLE
 

 

Advertisements