The following usernames should be reserved (no one can register these usernames):

  • admin
  • administrator
  • anonymous
  • guest
  • simulacrum
  • support
  • unknown
  • visitor

Note: I've registered all of the above on the production arcology.

pixelfck 20 May 2015:
  • helpdesk
ttech 23 Jul 2015:

root, also common sql injection triggers should be just rejected (if they aren't already)