Username Rules for System & Infrastructure

Technical usernames like admin, root, and api that platforms block to prevent conflicts with core functionality and administrative access.

Why These Usernames Are Reserved

System usernames are the most commonly exploited handles in phishing attacks. When someone messages you from @admin, you assume authority. Platforms block these to prevent impersonation of staff, conflicts with subdomain routing (like api.example.com), and bugs caused by programming keywords like null and undefined. Every platform from Twitter to Discord reserves these from day one.

Common Examples

admin

administrator

root

system

api

www

mail

ftp

localhost

null

undefined

test

API Enforcement

Check usernames in this category programmatically:

CURL

Username Rules

Browse all rule categories

Reserved Usernames

Overview of reserved usernames

Username Rules for Security & Authentication

Security-related terms like login, password, and verify that could be exploited for phishing and credential theft.

Username Rules for Support & Customer Service

Help desk, customer service, and support-related terms that users associate with official assistance channels.