Hello, Can you clarify what you mean with "non-admin"? Only a PAM user with administrative rights can initiate a password update. I suspect you confuse the user that initiates a workflow with the target account that is used to update the password of another target account, or maybe updates its own password. The "Changed By" column refers to who initiated the workflow in PAM, not which account logged on to the credential source to perform the update. If you are logged on to PAM as user "super" and update a target account password, then "Changed By" will be "super". If you have a scheduled job defined that updates all accounts in a target group, then the scheduled job initiates the workflow, rather than a PAM user, and "Changed By" will be "ScheduledJob" for all account updates performed by the scheduled job.