auth_delay causes the server to pause briefly before
  reporting authentication failure, to make brute-force attacks on database
  passwords more difficult.  Note that it does nothing to prevent
  denial-of-service attacks, and may even exacerbate them, since processes
  that are waiting before reporting authentication failure will still consume
  connection slots.
 
  In order to function, this module must be loaded via
  shared_preload_libraries in postgresql.conf.
 
   These parameters must be set in postgresql.conf.
   Typical usage might be:
  
# postgresql.conf shared_preload_libraries = 'auth_delay' auth_delay.milliseconds = '500'
   KaiGai Kohei <kaigai@ak.jp.nec.com>