i wonder Brute Force Attack in ASM

I tested the brute force function test in version 13.1.0.2, and I have two questions.

 

First, the function to identify whether or not the user is attacked by the Device ID does not recognize the Device ID if the login page is entered through the Chrome browser.

 

Second, I'm wondering how credential stuffing adds an ID to the brute force dictionary in the event log.

 

I would appreciate your detailed reply.