Ask HN: Why are SMS verification codes typically numeric?

4 points by GigabyteCoin ↗ HN
I am in the process of implementing an SMS verification process for an old website of mine and got to thinking about why most SMS verification codes (even those send by Google) typically consist of only numbers?

Surely an alpha-numerical code would be much more secure than a numeric code?

The only reason I can think of for numeric codes being prevalent is that perhaps latin/ascii alphabetical characters aren't readily available to keyboards around the world, while decimal numbers are?

Can you think of any reason why I should not implement alpha-numeric SMS verification codes?

5 comments

[ 3.3 ms ] story [ 26.1 ms ] thread
they are faster to type from a feature phone.

verification codes don't have to be long. 4-7 numbers with limited amount of retry is plenty.

>they are faster to type from a feature phone.

My customers are entering the verification phones through a computer keyboard, they are only receiving the SMS verification messages to their mobile phone once so I can verify that they own a phone.

Unless you were assuming that their "browser" they would be entering the verification code into is on their feature phone?

Much faster to type (and hence, much more likely to ever be typed).
Because most people can have a single look at 5 numbers and remember them for a few seconds (until they finish typing them) without having to re-look at their phone for each character.
Having a time and submission limit seems much more valuable than complex codes. 30 seconds and 1 failure seems acceptable for usability for a quick 6 digit input.