You could create something like a database with a table for tracking the information and put a DML trigger against the syslogins table in master that inserts a record into the tracking database everytime the account (or any account for that matter) is changed. You could also increase your auditing. I think C2 auditing would catch that information, but it basically gathers everything, so the audit files can grow rather quickly...