Hackers aren’t always using the login interface, sometimes they’re beyond that and have access to the database of password hashes, and they’re trying to crack the password that can be entered to match a hash and get to try as many times as they like on their own away from the target system.