pgalloway
asked on
Password protecting against date changes
I have password protected my software by generating a password that relates to hard disc ID, computer name, email, date of installation etc. Is there an easy way to prevent users changing the system date to reactivate the software after a license period expires?
ASKER
OK this is very obvious really, when you know how. Thanks very much Clif.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If the users date is pulled back to an earlier date than you should disable using the program all together and end the trial period regardless of how many days would be remaining. In reality the indivudual who sets the clock back to try and bypass the trial for more days isn't really interested in purchasing your software. Now you may say what about the other reasons that might occur, pherhaps the date changing because of a bad bios or by other means. Don't worry about those situations they won't blame your trial method but the computer itself.
The idea is to subclass for a WM_TIMECHANGE ( http://vbnet.mvps.org/index.html?code/subclass/datetime.htm )
You should also check if the computer is connected to the internet and query a time server, this can't be changed by the user so it will always work behind the scenes. Also make sure if the user doesn't have a connection to have a backup method, I wouldn't recommend using a file to store the date and time settings. I would use the registry and set a dacl on the hkey so the user can't open the key to edit the values.
The idea is to subclass for a WM_TIMECHANGE ( http://vbnet.mvps.org/index.html?code/subclass/datetime.htm )
You should also check if the computer is connected to the internet and query a time server, this can't be changed by the user so it will always work behind the scenes. Also make sure if the user doesn't have a connection to have a backup method, I wouldn't recommend using a file to store the date and time settings. I would use the registry and set a dacl on the hkey so the user can't open the key to edit the values.
What you can do is also store that last date the info was requested that was on or after the currently stored date. If the system date ends up being before the stored date, you know the user changed the system date and you can deactivate your app.
I don't know how you're storing your password, so I can't give you code. But, hopefully, you understand what I'm saying and can implement it.