When using Hydra to brute force an HTTP login, additional syntax is required after the protocol specifier (`http-get-form` or `http-post-form`). The syntax for each type of request can be looked up using `hydra $SERVICE -U`; use the placeholders `^USER^` and `^PASS^` to substitute in the username and password guesses. Condition strings `S=` and `F=` are simple string matches in the returned data for a successful and failed login, respectively.
See the following section on using Hydra to attack JSON APIs for an example of what this looks like.
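The `S=`/`F=` matching described above can be modelled in a few lines to show how it reads different server responses. This is an added example, not code from Hydra or from this page: the function names and the sample responses are constructed, and the match is assumed to be a plain case-sensitive substring test.

```python
# Added illustration: models S=/F= condition strings as plain substring
# matches (an assumption based on the description above, not Hydra's code).

def parse_condition(cond):
    """Split 'S=text' or 'F=text' into (kind, needle)."""
    kind, sep, needle = cond.partition("=")
    if sep != "=" or kind not in ("S", "F") or not needle:
        raise ValueError("condition must look like S=<text> or F=<text>")
    return kind, needle

def is_reported_success(cond, response):
    """S=: a hit when the text is present. F=: a hit when the text is absent."""
    kind, needle = parse_condition(cond)
    found = needle in response
    return found if kind == "S" else not found

# Constructed sample responses (headers and body) for a hypothetical login form.
RESPONSES = {
    "wrong_password": "HTTP/1.1 200 OK\r\n\r\n<p>Invalid username or password</p>",
    "valid_login": "HTTP/1.1 302 Found\r\nLocation: /dashboard\r\n\r\n",
    "account_locked": "HTTP/1.1 200 OK\r\n\r\n<p>Account locked for 15 minutes</p>",
    "rate_limited": "HTTP/1.1 429 Too Many Requests\r\n\r\nSlow down",
}

def classify_all(cond):
    """Return {response name: reported as a valid login?} for one condition."""
    return {name: is_reported_success(cond, body) for name, body in RESPONSES.items()}

def false_positives(cond, truly_valid=("valid_login",)):
    """Responses the condition reports as a login although none took place."""
    return sorted(n for n, hit in classify_all(cond).items()
                  if hit and n not in truly_valid)

if __name__ == "__main__":
    for cond in ("F=Invalid username", "S=Location: /dashboard"):
        print(cond, "->", classify_all(cond), "false positives:", false_positives(cond))
```

With the failure-string condition, the lockout and rate-limit responses are reported as valid logins because neither contains the failure text, so a hit obtained with `F=` should be confirmed manually before it is recorded as a finding.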