Using the Django framework, I've built a user-based web application. After some time, my client requested that the application disallow creating usernames that contain users' last names.
I have two questions:
Is it possible to do this reliably, always catching someone trying to register a username containing their last name, which is also present as a sign-up field? (My understanding and experience is that users can easily subvert this and still make the username look like their last name just by adding special characters or integers.)
What would be the best way to do this?