Passing just login and password is often not enough in the modern world. I expect that you need to add at least HTTP Cookie Manager
to represent browser cookies and deal with cookie-based authentication.
Going forward, there could be mandatory dynamic parameters which represent page-level state, session ID, etc. In that case your test login should look as follows:
- Open Login Page
- Detect and extract any dynamic parameters and store them into JMeter Variables
- Perform login providing credentials and dynamic parameters from previous step
This is called "correlation" and it's one of the most frequently asked questions
See ASP.NET Login Testing with JMeter
guide for example. If your application isn't ASP.NET-based it doesn't matter, the approach shouldn't be different for other application types where correlation is required.
Hope this helps.