It sounds like you've tried [a-zA-Z]* usernames in an attempt to see if you could guess a username. It probably says "Invalid Login!" no matter what is guessed.
What do you imagine the code that takes the logins eventually does? It seems likely that the username and password will end up in a query against a database to see if the user is valid and (theoretically) if the hash of the password matches the stored value.
What kind of input could you try to see if that behavior is done securely?
I tried brute forcing the login admin panel but no luck yet.
What username should I use? I tried all the basic ones and cant get it to display anything besides "Invalid Login!".