auth_delay causes the server to pause briefly before reporting authentication failure, to make brute-force attacks on database passwords more difficult.