wrong reset password url with ithemes hidden backend

The password-reset-url is somehow wrong for my installation.
I use ithemes security which can change the backend-login-adress.
I had to alter the generation of the link within modules/settings/class-settings-output.php.

In line 155 I did the following changes:

// Localize password reset message content for user.
$locale = get_user_locale( $user_data );
$reset_url = network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . '&wp_lang=' . $locale . "\r\n\r\n";
// $reset_url = wp_login_url() . '?action=rp&key=' . $key . '&login=' . rawurlencode( $user_login );

So I basically I added a user_locale and turned on the network-site-url and added the locale.
the reset_url that is activated by default that uses wp_login_url just doesn’t work together with a ithemes security.
It also looks to me, that wordpress standalone-function also uses network_site_url to generate this adress.

Is there an easy way to make this permanent? An update will kill my code-changes and break my users process’.