On Sat, 7 Jun 2025 at 00:12, Andres Freund <and...@anarazel.de> wrote:
> I assume this is due to the fairly high iteration count we use by default?

Maybe... But looking closer at the PgBouncer code another option that seems pretty likely is that PgBouncer is regenerating a secret over and over again, if users store the password in plaintext in the pgbouncer auth file (which I believe has to be the case for all of the users that switched from md5 to scram-sha256 without their knowledge).

I've done no profiling, but by simply looking at this function[1] it doesn't seem particularly cheap to do on every authentication attempt. At the very least it's doing those 4096 iterations an additional time. It seems like it should be fairly easy to cache that. So I've created an issue for that[2].

[1]: https://github.com/pgbouncer/pgbouncer/blob/ed7ecfb9213a2bec138f560aa7d8e4dcb3bc0f62/src/scram.c#L742
[2]: https://github.com/pgbouncer/pgbouncer/issues/1335
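
The caching idea raised in the message above, sketched as an added example that is not part of the original email and is not PgBouncer's code: the SCRAM-SHA-256 verifier (StoredKey and ServerKey, per RFC 5802/7677) is derived from the plaintext password once per user and reused, so later logins check the client proof without rerunning the 4096 PBKDF2 iterations. `VerifierCache`, `derive_verifier`, `verify_client_proof`, the user name and the password are hypothetical names and constructed values, and SASLprep normalization is omitted.

```python
import hashlib
import hmac
import os

ITERATIONS = 4096  # iteration count mentioned in the message above


def derive_verifier(password, salt, iterations=ITERATIONS):
    """SCRAM-SHA-256 StoredKey and ServerKey from a plaintext password (no SASLprep)."""
    salted = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", hashlib.sha256).digest()
    server_key = hmac.new(salted, b"Server Key", hashlib.sha256).digest()
    return hashlib.sha256(client_key).digest(), server_key


class VerifierCache:
    """Hypothetical per-user cache: PBKDF2 runs once per password, not per login."""

    def __init__(self):
        self._entries = {}
        self.derivations = 0  # counts the expensive PBKDF2 runs, for the demo

    def get(self, user, password):
        entry = self._entries.get(user)
        # Re-derive when the user is new or the configured password changed.
        # The plaintext is already held in memory in this scenario.
        if entry is None or not hmac.compare_digest(entry[0].encode(), password.encode()):
            salt = os.urandom(16)
            stored_key, server_key = derive_verifier(password, salt)
            self.derivations += 1
            entry = (password, salt, stored_key, server_key)
            self._entries[user] = entry
        return entry[1:]  # (salt, stored_key, server_key)


def verify_client_proof(stored_key, auth_message, proof):
    """Check a ClientProof using only the cached StoredKey (no PBKDF2)."""
    signature = hmac.new(stored_key, auth_message, hashlib.sha256).digest()
    client_key = bytes(a ^ b for a, b in zip(proof, signature))
    return len(proof) == len(signature) and hmac.compare_digest(
        hashlib.sha256(client_key).digest(), stored_key)


if __name__ == "__main__":
    cache = VerifierCache()
    for _ in range(3):  # three logins by the same constructed user
        salt, stored_key, server_key = cache.get("app_user", "constructed-password")
    print("PBKDF2 runs for 3 logins:", cache.derivations)
```

Reusing one salt per user across logins matches how a stored SCRAM secret behaves; the cache entry has to be dropped or re-derived whenever the auth file entry changes.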