A token generated for human consumption must have the following characteristics:
- It must not contain words that can have (negative) meaning
- It is must to read
- It must not have potentially ambiguous characters
For example, this is not a good human-usable token:
PY5FAGNNHTCYTAAG
This token is, however:
H4NL-N3PW-9RFJ-4TPX
To turn a random token into a human-readable token:
- Exclude vowels (A E I O U)
- Exclude ambiguous characters (B D G Q S Z and 0 1 2 5 6 8)
- Group characters in chunks of 4 or 5 characters, separated by dashes
This reduces the entropy in the generated token, but because tokens are easier to read and copy, they can be made longer.
See also
- Apple Passwords’ Generated Strong Password Format (Ricky Mondello)