Well, the calculation of the hash on the server side will of course also be a tiny bit slower, but this will seldom significantly increase the risk of application-level DDoS, also because you can size the machines according to your needs.
Also, even tens of thousands of iterations are very fast (run `openssl speed` to get an idea). See this more as a mechanism to introduce an 8-10 ms delay for every password check. This will delay the attacker, but shouldn't bring down a server.
This does not have any impact on network-level DDoS scenarios.
In short, in password authentication, slower is better.
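The per-check delay described above, as an added example that is not part of the original post: a Python sketch that measures the local machine and picks an iteration count costing roughly the target number of milliseconds. PBKDF2-HMAC-SHA256, the `MIN_ITERATIONS` floor, the record format and all function names are assumptions of this example.

```python
import hashlib
import hmac
import os
import time

MIN_ITERATIONS = 10_000  # assumed floor for this example; never calibrate below it


def time_pbkdf2(iterations: int) -> float:
    """Return the seconds one PBKDF2-HMAC-SHA256 computation takes on this machine."""
    start = time.perf_counter()
    hashlib.pbkdf2_hmac("sha256", b"benchmark-password", b"0" * 16, iterations)
    return time.perf_counter() - start


def calibrate_iterations(target_ms: float = 10.0, probe: int = 20_000) -> int:
    """Pick an iteration count whose cost is roughly target_ms per check."""
    # PBKDF2 cost is linear in the iteration count, so scale one measurement.
    best = min(time_pbkdf2(probe) for _ in range(5))  # min filters scheduler noise
    scaled = int(probe * (target_ms / 1000.0) / best)
    return max(MIN_ITERATIONS, scaled)


def hash_password(password: str, iterations: int) -> str:
    """Store iteration count and salt beside the hash so the count can be raised later."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored parameters and compare in constant time."""
    _, iterations, salt_hex, digest_hex = stored.split("$")
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(digest, bytes.fromhex(digest_hex))


if __name__ == "__main__":
    n = calibrate_iterations(target_ms=10.0)
    record = hash_password("correct horse battery staple", n)  # constructed sample
    print(f"{n} iterations, {time_pbkdf2(n) * 1000:.1f} ms per check")
    print(verify_password("correct horse battery staple", record))
```

Run the calibration on the hardware that will serve logins, since the same iteration count costs a different number of milliseconds on each machine.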