You upgraded to SQL Server 2025. Your SQL auth logins are slower. This is not a bug. Microsoft did this on purpose — which is actually good news, but if you're not using connection pooling, it's not going to feel very good.
What Changed
Prior to SQL Server 2025, SQL login passwords were hashed using SHA-512 with a random salt — one pass. Fast to verify, which is exactly what attackers love.
SQL Server 2025 switches to PBKDF2 (RFC 2898) as the default hashing algorithm. Same SHA-512 underneath, but now the password is hashed 100,000 times in a loop. This is the standard recommended by NIST SP 800-63B for password-based authentication, and Microsoft confirms it in their SQL Server 2025 security overview.
You can see the difference in the hash itself. Run this on both versions:
SELECT PWDENCRYPT('MyPassword123');
Pre-2025 hashes start with 0x0200. SQL Server 2025 hashes start with 0x0300. That version byte tells you what you've got. Same function. Completely different work going on behind the scenes.
How to Measure the Impact
The key here is to pre-generate the hash first, then time only the verification step to mimic what's actually happening at login.
-- Step 1: pre-generate the hash (not timed)
DECLARE @hash VARBINARY(256) = PWDENCRYPT('MyPassword123');
-- Step 2: time only the verification
DECLARE @start DATETIME2 = SYSDATETIME();
SELECT PWDCOMPARE('MyPassword123', @hash) AS PasswordMatch;
SELECT DATEDIFF(MILLISECOND, @start, SYSDATETIME()) AS ElapsedMs;
No special permissions required — any login that can connect and run a basic SELECT can run this. And the password you pass in is just a string; it has nothing to do with your own login or any existing account on the instance.
Run it on SQL Server 2022 first, then 2025. The difference is immediate. On 2022, you'll see 0ms — single-pass SHA-512 is too fast for millisecond precision to capture. On 2025, the result is hardware-dependent. PBKDF2 is intentionally single-threaded and CPU-bound, so your number will reflect your server's single-core performance. VladDBA measured approximately 150ms on his test environment. On my 2025 instance, I got 229ms. Your number will be your number — run it and find out.
| Version | Algorithm | Iterations | ElapsedMs (sample) |
|---|---|---|---|
| SQL Server 2012–2022 | SHA-512 + salt | 1 | 0ms |
| SQL Server 2025 (VladDBA) | PBKDF2 / SHA-512 | 100,000 | ~150ms |
| SQL Server 2025 (sqlfingers) | PBKDF2 / SHA-512 | 100,000 | ~229ms |
But Here's the Other Side
That overhead isn't Microsoft being careless. It's intentional friction — and it hits attackers far harder than it hits your app.
VladDBA ran the numbers on password brute-forcing. On SQL Server 2022, a password audit script cracked a set of hashes in about 45 seconds. On SQL Server 2025 with PBKDF2, the same workload is estimated at 154,008 seconds — roughly 42 hours. Same hardware, same wordlist. The only difference is the hash algorithm. That is not a small point.
Microsoft acknowledges the login latency tradeoff directly on the SQL Server 2025 Known Issues page. They call it out, they're not hiding it.
What You Should Do
Check whether your applications are using connection pooling. If they are, the per-login overhead happens once per pool connection establishment, not on every request — and you're probably going to be fine. If they're not pooling, or if you're running scripts, jobs, or monitoring tools that open a fresh SQL auth connection on every execution, this IS going to surface. Without question.
Existing logins migrate automatically on first successful authentication.
SQL logins created before the upgrade retain their 0x0200 hash until they authenticate for the first time against the upgraded instance. At that point, SQL Server silently rehashes the password under PBKDF2 and stores the new 0x0300 hash going forward. This works because authentication is the only moment SQL Server has access to the plaintext password. Any login that never authenticates post-upgrade will retain its old hash indefinitely. If you want to confirm which logins are still on the old algorithm, check the hash header in sys.sql_logins:
SELECT name,
CONVERT(VARBINARY(2), password_hash) AS HashVersion
FROM sys.sql_logins
WHERE type = 'S'
AND password_hash IS NOT NULL;
0x0200 = old. 0x0300 = PBKDF2. Simple as that.
Kerberos and Windows auth are unaffected.
This only applies to SQL authentication. If your environment uses Windows auth or Kerberos throughout, none of this touches you.
There's an undocumented trace flag.
Community discussion on Microsoft Learn surfaced startup parameter -T4671 as a way to revert to pre-2025 hashing behavior. Note that TF 4671 reversed meaning between versions — in SQL Server 2022 it enabled iterative hashing; in 2025 it appears to disable it. This is undocumented and unsupported. I'm mentioning it because you'll see it discussed, not because I'm recommending it.
More to Read:
SQL Server 2025 Known Issues — Microsoft Learn
Secure by Default: What's New in SQL Server 2025 Security — Microsoft Community Hub
Looking into SQL Server 2025's new PBKDF2 hashing algorithm — VladDBA
NIST SP 800-63B Digital Identity Guidelines
No comments:
Post a Comment