For example purposes it's fine. Also, if you're using HTTPS then no one will see query params.
You can send username and password as standard POST data with content-type application/x-www-form-urlencoded and then those params will not be part of the URL.
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.