I have configured "Password Brute Forcing" in the Option Profile of the Vulnerability Management module.
I have activated the Custom Option and provided a list of some SSH user/password combinations to test for.
Now I have scanned a machine for which the admin says that one of the user/password combinations is valid. But Qualys doesn't report QID 38259 and I have no idea why.
Is there anything that I can do wrong?