Type To Trust
Security codes are everywhere
In response to the increasing frequency of security breaches and data leaks, many applications have significantly strengthened their security measures. Multi-factor authentication (MFA), authenticator PINs, one-time passwords (OTP), biometric verification, and CAPTCHAs have all become standard layers of protection beyond the traditional username and password.
As a result, we regularly interact with security codes in our daily lives, whether by reading and retyping or reading and speaking them. Common examples include: Logging into a bank account, Providing an OTP to your ride-share driver, Sharing a security code with your food delivery driver…
The How
Security codes are delivered through various channels, including SMS / Text messages, Email, Push notifications, On-screen display in apps. These codes must be short, unique, and often time-sensitive, expiring after a limited period for added security.
For example, if an app generates a 6-character code (a mix of letters and numbers) for users at a rate of 500 codes per second, it would take just 12 minutes before there’s a 1% chance of a collision—where two users receive the same code.
The Problem (Alpha + Number codes)
When security codes combine letters (with varying cases) and numbers, distinguishing certain characters can become difficult depending on the font. Some characters, like “O” (uppercase O) and “0” (zero), or “l” (lowercase L) and “1” (one), can appear nearly identical in certain fonts. This similarity can lead to confusion and errors.
Here are a few examples:
These subtle visual similarities can cause confusion and delay, especially in time-sensitive scenarios like entering one-time passwords or verification codes.
Solution
Consider using a font specifically designed to help users differentiate between similar-looking characters and numbers.
The font I’m currently using on this blog, Atkinson Hyperlegible, is an excellent choice for this purpose.