Sean Gallardy has a wonderful rant:
There were a few emails about login times so I figured it warranted a blog post. Strap in, this one goes sideways fast.
Some people noted that the amount of time to log in with a SQL Login in SQL Server 2025 all of a sudden took longer. This is clearly stated in the Docs, though the way it is written is documented is problematic.
As Sean mentions, this is on purpose and it is good. Yeah, the amount of time it takes to log in using SQL authenticated accounts in SQL Server 2025 is higher. That’s because the mechanism to log in is now considerably more secure than it was before. And let’s be honest: how frequently are you logging into SQL Server? What percentage of your processing time does that take? Because if the answer is “a large percentage,” that sounds like a job for connection pooling or revising the calling application.
“And let’s be honest: how frequently are you logging into SQL Server? ”
LOL – 10X per second all day long
My WinDev Apps login that fast…cause EF likes to do that while running as a service with apps that treat SQL tables as a queue
That’s where connection pooling comes into play. My understanding is that the full authentication process doesn’t happen on each re-use of the pooled connection. That means you’re only paying the PBKDF2 tax once for the pool, even if the app(s) slam it dozens of times per second.