There is often someone who can prove an answer wrong. That's the beauty of a community forum. While Shikhar is correct in explaining how the password can be changed through automation, there are still issues regarding doing this in practice. Let's say you have a credential for the bot to login to an application, like SAP. Someone has set the password within SAP manually, and that password has been entered into Credential Manager for your automation to use. Now, let's say you automate the generation of a new password in Credential Manager. That newly generated password is encrypted and is not shown in the Credential Manager record. Unless you know how to get the password from Credential Manager to plain text (which I will not explain because it bypasses BP's security), then how will you know what the password is so you can change it in SAS? You could automate the SAS password changing process, and get the new password from Credential Manager, but in practice in my organization we have found that it is much easier to do it manually rather than spending time coding the password-changing process for the 100+ applications that we automate. When we turn over a new automation to production, we train our Help Desk on how to manually change the password in the application. We give them a report every week showing the credentials that will expire that week, and they manually change the password in the applications. After they make the change, we then manually update the Credential Manager record with the new password that the Help Desk has given us. Again, we have a very large number of applications that we interact with; we have chosen not to spend time automating the password changing process on them since it is a function that is seldom used and we feel the development time is better spent on other things that we consider to be more important. I guess it helps (for us) that we are able to pass off most of the password-changing activity to another group in our company.
So it appears that I have projected the methodology that we use and offered it up as a blanket statement that it must be done manually. I was trying to give you practical advice, but I neglected to consider that my situation can differ from the circumstances that others may have. I apologize for giving you the wrong information, but I'm glad that someone with a differing viewpoint was able to set the record right.