3090 Ti's are very hard to come by - an attacker will need to either have malware on gaming rigs (which are user-facing devices and so have higher odds of detection, especially if you're loading those GPUs), be paying for cloud compute (money out of their pockets), or own the GPU themselves (more money out of their pockets) - so that's a significant cost imposed on them - which is greatly amplified given the above figure of 25k login attempts per month per user per service.
Those legitimate users logging in on a Raspberry Pi 1 are going to be in the vast minority (probably about 0.001%, if not less, as evidenced by the relative market shares of Windows vs Linux, and how rare Raspberry Pis are for desktop use relative to normal x86 machines) of users of your service - it's OK for them to have 20s-30s logon times in exchange for (1) not requiring PII from users and (2) less credential stuffing.
Certainly, Raspberry Pi users are more rare than Internet Explorer users, which many developers simply refuse to support at all.
In particular, I am OK with having 30s logon times for services for my desktop computers (assuming that I only have to log on once every few months and not every few minutes like my brain-dead bank requires), so it's more than reasonable to expect those with an extremely niche and underpowered setup to have to wait that long for a very infrequent login process - again, for the sake of security and privacy.