Blocklist for username phishing attempts

I found these, but I don’t think either one is extensive:

Be advised that such blocklist-based solution will never catch all attempts at hacking. Just think of an abuser doubling the word, prefixing it with the or adding a neutral ending (e.g., 1).

Also note that the random generator might actually produce some identifier on the list by chance and then the user could be surprised.

Anyway, if we wanted to ensure no possibility for clash, chatmail might standardize on an allowlist-kind of scheme such as by always beginning or ending with some uncommon and visibly distinct character, such as a number.

Related: