Are there numbers and letters to avoid for activation codes via SMS?
We are at a fairly early stage in our application development and have run into a usability issue related to typing an activation code sent via SMS into a browser URL.
Here's the basic scenario:
- You can sign up with email or phone
- if you sign up with email, you get an email with a link to activate;
- if you sign up with phone, you get an SMS with a link to activate.
- You click the link to activate, then set a password.
We had someone attempt this with a "dumb phone" (standard clamshell with no web browsing ability). This person did not have an email she felt comfortable sharing or using for our service. She proceeded to type the activation url into a browser on a desktop computer.
However, it turned out the activation code had enough confusing numbers and letters in it to require multiple attempts before getting it right (e.g., ones and zeros were hard to distinguish, "l" or "1" or "O" or "0").
Sample activation code: AX6elp90grPo
Initial Fix
We plan to address the immediate issue by "guessing" which letters and numbers seem easy to confuse with each other and eliminating them, or always using one (e.g., anything that looks like a "1" is always a "1").
Question:
I was wondering if there is already a standard recommendation or practice for situations like this (specifically, which letters or numbers should be eliminated)?
I'm also open to any other relevant suggestion, including how better to handle activation information over SMS.