Making sure that Office 365 user (and administrator) accounts have good passwords is a never-ending task. A new preview feature in Azure Active Directory helps by ensuring that users can’t include common words specific to the organization (like its name) in a password. It’s another piece in the puzzle to frustrate potential attackers.
Good tip. We are using the banned password in production environment, includes in on premisses domain controllers. I believe that reports will be better apprimorated, but is possible search the event logs to view the number of attempts banned by Azure AD Password Policy.