How hard can it be to change the password to the SA account in SQL Server? It is a good idea to make the password a very difficult password (using letters, numbers, special characters, etc.) and not use the account for anything except emergencies. However, this isn’t always possible. Sometimes a third-party application accesses the database using the SA account, and that can’t always be changed. So if you need to change the password, what do you do?
It is usually a fairly basic process, you change the SA password, then alter the third-party login to use then new password. But what if the third-party application won’t accept the new password? What if you need to go back to the old password?
You should make sure you have a way to change passwords, specifically if you have to move the database to a new server because of hardware failure or incident recovery requirements. This knowledge-base article from Microsoft tells you how to get the scripted user accounts. I suggest you script out the accounts on a regular basis and store them in a file in case you need them. I have a job that runs each Friday to script out all the database logins to a text file. Save the actual passwords of each account is a separate file, and keep it secure.