Clients authenticating with SCRAM should ensure that they generate SaltedPasswords with a minimum of 4096 iterations.