def validate_username(form):
if form.vars.username in ['admin', 'administrator', 'moderator']:
form.errors.username = '%s is not a valid username.' % \
form.vars.username
auth.settings.register_onvalidation.append(validate_username)
You can also create a custom validator and do:
db.auth_user.username.requires.append(MyCustomValidator())