Hi @Gene Calai
1) As far as I can see you can only do this with a custom policy as seen at https://learn.microsoft.com/en-us/answers/questions/34579/how-to-enable-azure-b2c-custom-banned-password-lis.html (see answer by SaurabhSharma-msft)
2) Here is the github for implementation:
A B2C IEF Custom Policy - Sign up and Password reset with banned password list
https://github.com/azure-ad-b2c/samples/tree/master/policies/banned-password-list-no-API
If this is helpful please accept answer.