Default System Administrator Account Not Renamed

The default system administrator account for SQL Server should be renamed from 'sa'. This account is well-known and is often the target of any database attack. For a simple way to protect this account, rename the user to something other than 'sa' and strengthen the security of the database by creating a new user called 'sa' with a secure password and no privileges.

Suggested Action

Rename the system administrator account to something other than 'sa'.

How to Find the Default System Administrator Account

SELECT name
FROM sys.sql_logins
WHERE sid = 0x01;

How to Rename the Default System Administrator Account

ALTER LOGIN [sa] WITH NAME = [SomethingElse];

Further Reading

ALTER LOGIN (Transact-SQL) | Microsoft Docs