What's the current standard for treatment of the sa user account? I've got a pretty tight password on it, but is it the standard to do something more? Removing the user from sysadmins, removing the user all together?
It's generally better to know than not to know, so I thought I'd ask.
Secure the sa and probe accounts with strong passwords. Assign a strong password and lock away the password in a secure location.
Note: The probe account is used for performance analysis and distributed transactions. Assigning a password to this account can break functionality when used in standard security mode.