Username Rules for Security & Authentication

Security-related terms like login, password, and verify that could be exploited for phishing and credential theft.

Why These Usernames Are Reserved

Security terms are weapons for phishing. A message from @verify saying "click here to confirm your account" looks legitimate. Handles like @login, @password, @secure, and @authenticate appear in thousands of social engineering attacks. Blocking these prevents attackers from gaining credibility through username selection.

Common Examples

security
secure
auth
login
password
verify
confirm
encrypt
ssl
oauth

API Enforcement

Check usernames in this category programmatically:

CURL

Related Pages

Username Rules

Browse all rule categories

Reserved Usernames

Overview of reserved usernames

Username Rules for System & Infrastructure

Technical usernames like admin, root, and api that platforms block to prevent conflicts with core functionality and administrative access.

Username Rules for Government & Official Entities

Government agencies, law enforcement, regulatory bodies, and official institutional identifiers.