What a wonderful thought and a great step in the right direction – Let’s deny the use of the 10,000 worst passwords.  I am being serious as is this article.  It is time to stop simply laughing at the poor decisions of our end users and begin to build controls and limitations on poor password decisions.  It is time to mandate better credentials – passphrases, multi-factor authentication requirements, and proper password management tools.  It is time for webmasters and sysadmins to pick up the torch of password security and quick bending to the whim of a lowest common denominator approach to end user management.

https://nakedsecurity.sophos.com/2018/12/17/worst-passwords-list-is-out-but-this-time-were-not-scolding-users/