The password reset email include a link which contains username. For example: xxx.com/forgot-password/?somresetpass=true&somfrp_action=rp&key=xxx&login=my-username
This query string is tracked by Google Analytics. Thus, violating GDPR as username is a personal identifiable information.
Question: Any way to get rid of
&login= from the password reset links?