I recently saw the movie Olympus Has Fallen.
Like in many action movies, at the end a missile is launched, and the hero (Mike Banning, played by Gerard Butler) has 60 seconds to recall the launch in order to prevent a disaster. (Spoilers!)
The way to recall it is by inserting a password, but Banning doesn't have the password. Instead, he has radio contact with the pentagon, who do have it.
So the person from the pentagon is reading the password to Manning over the radio: "Lima, Charlie, Hashtag...". But Banning doesn't have a clue what a hashtag is, so he yells: "What?" And the pentagon perso repeats: "Hashtag?" And time is running out... And then someone else from the pentagon yells: "Shift 3!".
And America is saved...
After the movie was over, I thought a lot about that scene. I realize that in real-life there are rarely cases in which a password should be read out loud (most of the time, if it happens, it's because people share passwords, and that's a different problem...).
But here is a case in which the only way to get the password is by saying it over the phone, and it's not a personal password - it's a password only used in an emergency, by whomever has access to the missile launch dashboard.
Now, I know there are various guidelines for passwords: How to make them easy to remember but hard to guess, how to avoid confusing characters, etc. But has anyone come up with rules for over-the-phone-read passwords? I agree, it's a small niche, but at least according to Hollywood – it could be crucial…
To be clear, this is not about "how to read it", but rather "how to choose a password that CAN be read, but is still strong".
UPDATE: Here is the scene, 1:30 minutes on YouTube.