you say you are manually entering the user credentials in the database?
Directly in the database, Or do you fill in a registration page to enter the details.
In the login behavior, I see you are using the password encryption technique.
For this to work, the password will need to be stored in the database as an encrypted string.
an encrypted password would be stored in the database as a 40 character string. For example if your password where "test" the value stored in the database would be "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3"
If you are entering the passwords directly into the database, you will need to manually perform the sha1 conversion.
If you create a registration form that you can use to enter new users into the database, you can set it up to perform the conversion for you, the security assist tutorial walks through modifying the registration page to store the encrypted passwords.