A token generated for human consumption must have the following characteristics:

• It must not contain words that can have (negative) meaning
• It is must to read
• It must not have potentially ambiguous characters

For example, this is not a good human-usable token:

PY5FAGNNHTCYTAAG

This token is, however:

H4NL-N3PW-9RFJ-4TPX

To turn a random token into a human-readable token:

• Exclude vowels (A E I O U)
• Exclude ambiguous characters (B D G Q S Z and 0 1 2 5 6 8)
• Group characters in chunks of 4 or 5 characters, separated by dashes

This reduces the entropy in the generated token, but because tokens are easier to read and copy, they can be made longer.

See also

• Apple Passwords’ Generated Strong Password Format (Ricky Mondello)