When is password reconciliation utilized in CyberArk?

Password reconciliation in CyberArk is utilized specifically to ensure that the passwords stored in the Vault are in sync with the actual passwords on the target systems they correspond to. This process is critical because discrepancies between the stored password and the target system's password can lead to access issues, security vulnerabilities, and potential downtime for users relying on those credentials.

When the system detects that a stored password does not match the password present on the target system, reconciliation is activated to correct the inconsistency. This is often part of a scheduled process or can be prompted by specific conditions, ensuring that the information in the Vault remains accurate and up-to-date for authorized users.

The other options relate to general processes or actions within CyberArk that do not specifically pertain to the context of synchronization of stored and actual passwords. For instance, creating new passwords or auditing password strength involve different aspects of security management, while user onboarding usually focuses on access provisioning rather than reconciling password mismatches.