Olli083097
asked on
How to handle registrations?
Ok, I am going to give 200 points to the person who introduces the best way to handle registration of a VB program.
What I really mean is: How to make sure that people that pirate copy it, will get problems using it? (And not those who bye it)
What I really mean is: How to make sure that people that pirate copy it, will get problems using it? (And not those who bye it)
ASKER
Edited text of question
You could consider a hardware security key (dongle)
Assuming that you are releasing it on floppies or CD, you could test for the serial number for floppie #1 or the CD.
Or,
You could go the route of Maxis and every time the app is started, a question is asked that can only be answered from the user's manual.
Or,
You could go the route of Maxis and every time the app is started, a question is asked that can only be answered from the user's manual.
ASKER
A hardware security key is going a little bit to far... :-)
And I have thought about checking the serial numbers...
I'm going to keep this question open for a few days, and the best answer will get the points...
And I have thought about checking the serial numbers...
I'm going to keep this question open for a few days, and the best answer will get the points...
You could base your registration on a 'Software Key' principal.
You allow the program to run properly for a number of days, then you disable it in the code unless the user has registered their software and keyed in the 'Key' (ie a series of characters provided by you)
You then invite people to pay you a license fee for further use of the product. On receipt of the fee, you generate and send them a 'Software Key' which could be based on their name or a registration number or date etc or a combination of these.
When the user types in his 'Key' you then store a 'token' in an .ini file (or other file) You can encrypt this token if you wish. This token should be validated by the application each time it is started.
Cheers - MorFF
You allow the program to run properly for a number of days, then you disable it in the code unless the user has registered their software and keyed in the 'Key' (ie a series of characters provided by you)
You then invite people to pay you a license fee for further use of the product. On receipt of the fee, you generate and send them a 'Software Key' which could be based on their name or a registration number or date etc or a combination of these.
When the user types in his 'Key' you then store a 'token' in an .ini file (or other file) You can encrypt this token if you wish. This token should be validated by the application each time it is started.
Cheers - MorFF
ASKER
MorFF: This sounds interesting! Could you (or someone else) give me a more concrete example of something like that...
This is sort of like WinZip handles registration.
Not to throw water on this idea, but what would prevent me from giving a friend a copy of the disk, as well as the key. Sure, the about box might have my name on it, but the pirate wouldn't care.
To cop a plea, before I became a developer and started believing in "Do unto others...", this is how I got a lot of my best apps.
Not to throw water on this idea, but what would prevent me from giving a friend a copy of the disk, as well as the key. Sure, the about box might have my name on it, but the pirate wouldn't care.
To cop a plea, before I became a developer and started believing in "Do unto others...", this is how I got a lot of my best apps.
If this is a Win95 application, I would look at hiding the key in the Registry. Place it under a rather obscure keyname, and when the program starts, have it check for the key. If it doesn't exist, display a prompt screen to ask the user to enter the key. It isn't full proof, but it would be a pain in the neck!
increase the points to 1000 and grant me with a++
and you'll get the best algoritm to security program
u wont be able to use the same software on other machines without conntacting
u as a seller!!!
comment on seriousity!!!
and you'll get the best algoritm to security program
u wont be able to use the same software on other machines without conntacting
u as a seller!!!
comment on seriousity!!!
I have done this:
When installing the software create a registry key that contains the shareware version of the license key. This key has the installation date imbeded into it so that the application knows when it is no longer valid.
when the installation occurs it also checks to see if the key exists and if so prompts the user to purchase the software.
In order to register the software:
The user goes to the licensing section of the application.
The application generates a series of numbers that is the serial number off the hard drive.(API call)
The user gives this information to you and you give the user a valid key based upon this number. This is the valid key that the user will enter and then the application will give them access to full functionality.
By basing this registration on the hard drive serial number, the key cannot be used by another person on another computer. Since the application would read a different number and they key would be invalid.
When installing the software create a registry key that contains the shareware version of the license key. This key has the installation date imbeded into it so that the application knows when it is no longer valid.
when the installation occurs it also checks to see if the key exists and if so prompts the user to purchase the software.
In order to register the software:
The user goes to the licensing section of the application.
The application generates a series of numbers that is the serial number off the hard drive.(API call)
The user gives this information to you and you give the user a valid key based upon this number. This is the valid key that the user will enter and then the application will give them access to full functionality.
By basing this registration on the hard drive serial number, the key cannot be used by another person on another computer. Since the application would read a different number and they key would be invalid.
web_crusher:
Are you willing to post your algorithm here so that others who pay for the paq (10% of 1000 = 100 points) won't have wasted their time and points?
Are you willing to post your algorithm here so that others who pay for the paq (10% of 1000 = 100 points) won't have wasted their time and points?
Tbird:
Not basing it on the hard drive serial number, but the serial number of the media the app is shipped on (CD or floppy).
Not basing it on the hard drive serial number, but the serial number of the media the app is shipped on (CD or floppy).
If you base it upon the serial number of the media shipped the customer can install it on as many machines as he wants. By using the hard drive it can only be installed fully one one.
Tbird:
Basing the copy protection on the shipping media will prevent, s/he from making copies to give to friends.
On the other hand, by basing it on the HD serial number, you force the user to contact the seller when the user switches machines or hard drives. I certainly wouldn't want to purchase a separate license to use a piece of software both at home and at work. If I bought the thing, I should be able to take it where ever I want (as long as I am the only person who uses it). Then there is the problem of what to do when I no longer want the software and decide to sell/give it (and it's license) to someone else.
What you describe is the copy protection used by TripMaker. I had such a heck of a time reinstalling it when I upgraded my hard drive that I switched to Automap.
Basing the copy protection on the shipping media will prevent, s/he from making copies to give to friends.
On the other hand, by basing it on the HD serial number, you force the user to contact the seller when the user switches machines or hard drives. I certainly wouldn't want to purchase a separate license to use a piece of software both at home and at work. If I bought the thing, I should be able to take it where ever I want (as long as I am the only person who uses it). Then there is the problem of what to do when I no longer want the software and decide to sell/give it (and it's license) to someone else.
What you describe is the copy protection used by TripMaker. I had such a heck of a time reinstalling it when I upgraded my hard drive that I switched to Automap.
to clifABB & Tbird : i dont want unproffesinal users to c this - cause it wont help them
the code is too hard to figure !
cause you r one of my big helpers (clifABB) - here is the basics:
the security is based on a form at the main project - the form is 3 text boxes based
- after the setup - the first time the program executed the project look to a certain binary
file with excrypted code on it - code that is generated out of several registry constance that are gained on the users machine - so the hentification generator program - like user can use the software only on his machine - but the real deal is - after the setup there is no binary file or it is empty so the form that i told u about before is shown - the form generate a code number that is based on a particular algoritm - any one can think of one and do one - to complete the registration for the authentification code - the clients has to contact me - i have the code authentification generator program !
after the code is cofirmed the code is added to the binary file and being checked every time the program is executed - very nice and hard to brake !
the code is too hard to figure !
cause you r one of my big helpers (clifABB) - here is the basics:
the security is based on a form at the main project - the form is 3 text boxes based
- after the setup - the first time the program executed the project look to a certain binary
file with excrypted code on it - code that is generated out of several registry constance that are gained on the users machine - so the hentification generator program - like user can use the software only on his machine - but the real deal is - after the setup there is no binary file or it is empty so the form that i told u about before is shown - the form generate a code number that is based on a particular algoritm - any one can think of one and do one - to complete the registration for the authentification code - the clients has to contact me - i have the code authentification generator program !
after the code is cofirmed the code is added to the binary file and being checked every time the program is executed - very nice and hard to brake !
web_crusher:
I wasn't questioning your algorithm (neither it's existance, nor it's viability), I just have a pet peeve over paqs that I pay for where in the answer is "give me your email and I'll send the code". Nothing personal to you, and please don't take it as such.
I wasn't questioning your algorithm (neither it's existance, nor it's viability), I just have a pet peeve over paqs that I pay for where in the answer is "give me your email and I'll send the code". Nothing personal to you, and please don't take it as such.
clifABB : i wasnt offeded - i was ownered
sorry if you felt this way - i just dont want to make useres unfused of a large codes
thanks for the comment!
sorry if you felt this way - i just dont want to make useres unfused of a large codes
thanks for the comment!
ASKER
clifABB: You are right about the problem with "The WinZip Way", so this is a bad way to to it!
jsuper: I don't think it would prevent the user from sharing the regkey with others...
Tbird: Your way it real safe! But it's a lot of trouble for the user... But it's the right way, if it's for a >300$ worth app. :-)
clifABB/Tbird: Basing it on the shipping media will prevent large scale piracy. I mean, the program wont "travel" far, if the owner has to lend the disks/cd to everyone.
web_crusher: With your way, can you upgrade your harddrive or use it on both your office-machine and your private-machine?
jsuper: I don't think it would prevent the user from sharing the regkey with others...
Tbird: Your way it real safe! But it's a lot of trouble for the user... But it's the right way, if it's for a >300$ worth app. :-)
clifABB/Tbird: Basing it on the shipping media will prevent large scale piracy. I mean, the program wont "travel" far, if the owner has to lend the disks/cd to everyone.
web_crusher: With your way, can you upgrade your harddrive or use it on both your office-machine and your private-machine?
So do I get the points? or what?
[Tbird] Points for repeating what I posted?
[clifABB] Fair point about home vs. work use. But the majority of license agreements work this way. A licence is for a single user single machine. By rights you should buy two licenses!
[olli]What if you want to allow users to download from the web? - no media. What size/cost of the application are we talking about here?
One thing to bear in mind. The harder it is to crack, the more it is of a challenge to certain individuals. Nothing is totally secure, check the web - you can get cracks and hacks for just about anything.
Cheers MorFF
[clifABB] Fair point about home vs. work use. But the majority of license agreements work this way. A licence is for a single user single machine. By rights you should buy two licenses!
[olli]What if you want to allow users to download from the web? - no media. What size/cost of the application are we talking about here?
One thing to bear in mind. The harder it is to crack, the more it is of a challenge to certain individuals. Nothing is totally secure, check the web - you can get cracks and hacks for just about anything.
Cheers MorFF
MorFF:
I will take your word that the majority works the way you say. But I see more and more software companies taking the idea of treating software (other than OSs) like books. Books can be used in more than one location, but never two locations at the same time.
And I will admit that my idea won't work for install from web. However, once users purchase the software on disk, upgrades from web are easy with MS's new toy.
I will take your word that the majority works the way you say. But I see more and more software companies taking the idea of treating software (other than OSs) like books. Books can be used in more than one location, but never two locations at the same time.
And I will admit that my idea won't work for install from web. However, once users purchase the software on disk, upgrades from web are easy with MS's new toy.
[clifABB]I agree with the book concept. Only, it depends on how much you can trust an individual. The thing with a book is that you physically can't read the book in 2 places. This points back to the 'dongle' argument and therefore how much the software is worth (even MS don't dongle their software and retail price can be over £1k)
The project management package PMW used to stop you copying by writing back to the media (diskette only) when you installed it.
So not CD or web friendly.
The project management package PMW used to stop you copying by writing back to the media (diskette only) when you installed it.
So not CD or web friendly.
ASKER
Tbird: Probably, but not yet...
MorFF: When downloaded from the web, the app could ask for a emty disk to write a security key to. And it could use the serial number from that disk.
And youre right about some induviduals taking the challange in cracking the security.
web_crusher/all: With your/web_crusher's way, can you upgrade your harddrive or use it on both your office-machine and your private-machine?
MorFF: When downloaded from the web, the app could ask for a emty disk to write a security key to. And it could use the serial number from that disk.
And youre right about some induviduals taking the challange in cracking the security.
web_crusher/all: With your/web_crusher's way, can you upgrade your harddrive or use it on both your office-machine and your private-machine?
If you're gonna ask for an empty disk, you may as well write it to the hard-drive/registry/ini file/hidden file etc.
With a security key based on the hard drive serial, you will need to re-register if you change harddrive or try to re-install on another machine (ie diff harddrive)
The main question here is - how much trouble/time/cost are you prepared to go to to protect your software, against how much it is worth. (what is your software?)
MorFF
With a security key based on the hard drive serial, you will need to re-register if you change harddrive or try to re-install on another machine (ie diff harddrive)
The main question here is - how much trouble/time/cost are you prepared to go to to protect your software, against how much it is worth. (what is your software?)
MorFF
ASKER
MorFF: You can write the key to the registery, by my idea was to base the number upon the serial number of a certain floppy(to avoid the problem with changing hd). And the app could check the serial of the hd, and if it changed it would as for the floppy you saved the key to(read the serial # from).
web_crusher: I'm rejecting your answer, because you don't anwer my comments, when you answer, then you might get the points... :-)
All: Is there no other good ideas?
web_crusher: I'm rejecting your answer, because you don't anwer my comments, when you answer, then you might get the points... :-)
All: Is there no other good ideas?
There are many good protection schemes, but you have to weigh the amount of protection against ease of use for your customers. The more strict your copy protection is, the more your software will be a "pain in the butt" to install/use. This is just a fact of computing life.
Just remember that, no matter what you decide on, there will always be someone out there who exists just to break copy protections.
Just remember that, no matter what you decide on, there will always be someone out there who exists just to break copy protections.
ASKER
OK, I hope that you all learned something of this, I certainly did!
It was impossible elect "THE BEST WAY", so I'm going to give the points to the one that introduced the way that I'm going to use. And that was clifABB, clifABB you can anwer the question and receive the 200 points! And thanx to everyone that commented this question! I've learned a lot!
It was impossible elect "THE BEST WAY", so I'm going to give the points to the one that introduced the way that I'm going to use. And that was clifABB, clifABB you can anwer the question and receive the 200 points! And thanx to everyone that commented this question! I've learned a lot!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hehe!
I'm not going to use the Maxis way!!! :-)
I'm not going to use the Maxis way!!! :-)
Good choice!
ASKER