Hi there,
I’m glad you figured it out. For everyone else. Failed Password Collection can be enabled in the general settings. You should understand the risks in enabling this feature. From the plugin dashboard:
Please do not enable this option unless you understand the consequences. The plugin monitors all the user login attempts, when an user authentication succeeds it logs the event and sends an alert to the administrator if the option is enabled. Same thing happens for failed login attempts with two extra features: you can opt to send a summary of all the failed logins occured during the same hour and/or force the plugin to collect the password used in every authentication attempt to see if the attackers are getting close to your real password or not.
You must be careful with this option as it will also log the attempts that you (as a legitimate user) send, if by mistake you mistype a character in the password the plugin will log this and it will be sent to the Sucuri servers. If a malicious user gets access to your API key or your security logs he/she will know the mistyped password and will use it to improve his attacks against your website.
Thanks!
Eve
