diff --git a/src/ckdb.h b/src/ckdb.h
index caf1884e..a74f3bbe 100644
--- a/src/ckdb.h
+++ b/src/ckdb.h
@@ -52,7 +52,7 @@
 
 #define DB_VLOCK "1"
 #define DB_VERSION "0.9.6"
-#define CKDB_VERSION DB_VERSION"-0.802"
+#define CKDB_VERSION DB_VERSION"-0.803"
 
 #define WHERE_FFL " - from %s %s() line %d"
 #define WHERE_FFL_HERE __FILE__, __func__, __LINE__
diff --git a/src/ckdb_dbio.c b/src/ckdb_dbio.c
index aaa452b2..9245f968 100644
--- a/src/ckdb_dbio.c
+++ b/src/ckdb_dbio.c
@@ -4333,20 +4333,23 @@ bool auths_fill(PGconn *conn)
 	PGresult *res;
 	K_ITEM *item;
 	AUTHS *row;
-	char *params[1];
-	int n, i, par = 0;
+//	char *params[1];
+	int n, i;
+//	int par = 0;
 	char *field;
 	char *sel;
-	int fields = 7;
+	int fields = 7 + 1; // +1 = 'best'
 	bool ok;
 
 	LOGDEBUG("%s(): select", __func__);
 
 	// TODO: add/update a (single) fake auth every ~10min or 10min after the last one?
+#if 0
 	sel = "select "
 		"authid,userid,workername,clientid,enonce1,useragent,preauth"
 		HISTORYDATECONTROL
 		" from auths where expirydate=$1";
+
 	par = 0;
 	params[par++] = tv_to_buf((tv_t *)(&default_expiry), NULL, 0);
 	PARCHK(par, params);
@@ -4357,6 +4360,24 @@ bool auths_fill(PGconn *conn)
 		PQclear(res);
 		return false;
 	}
+#endif
+
+	// Only load the last record for each workername
+	sel = "with last as ("
+		  "select authid,userid,workername,clientid,enonce1,useragent,preauth"
+		  HISTORYDATECONTROL
+		  ",row_number() over(partition by userid,workername "
+					"order by expirydate desc, createdate desc)"
+		  " as best from auths"
+		") select * from last where best=1";
+
+	res = PQexec(conn, sel, CKPQ_READ);
+	rescode = PQresultStatus(res);
+	if (!PGOK(rescode)) {
+		PGLOGERR("Select", rescode, conn);
+		PQclear(res);
+		return false;
+	}
 
 	n = PQnfields(res);
 	if (n != (fields + HISTORYDATECOUNT)) {