diff --git a/src/main/java/org/jenkinsci/remoting/engine/Jnlp3Util.java b/src/main/java/org/jenkinsci/remoting/engine/Jnlp3Util.java
index 05b0be67f..e0ce157ce 100644
--- a/src/main/java/org/jenkinsci/remoting/engine/Jnlp3Util.java
+++ b/src/main/java/org/jenkinsci/remoting/engine/Jnlp3Util.java
@@ -86,7 +86,7 @@ public static byte[] keyFromString(String keyString) {
     public static String generateChallenge() {
         try {
             MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
-            outer: for (int tries = 0; tries < 256; tries++) {
+            outer: for (int tries = 0; tries < 10; tries++) {
                 String challenge = new BigInteger(10400, new SecureRandom()).toString(32);
 
                 // JENKINS-37302 we need to validate that this is a challenge that can be round-tripped