27.05.2020
44

You just need the right program. Universal Keygen Generator is that program. Which means if you have lost your product key and need to urgently get into any software, Universal Product Key Generator will be able to generate a key to make that happen and if the first doesn’t work, it will keep generating them until you can get in without. © Code.org, 2019. Code.org®, the CODE logo and Hour of Code® are trademarks of Code.org. Powered by Amazon Web Services × Close. Stereo Tool 9.22 Crack + Serial Keygen Stereo Tool Crack is a strong processor that is originated from the actual audio shaping to maximize it. It introduces ultra-precise adoption of insert gain and the user pan for left and right channels, proper visual feedback showing the signal content with a vectorscope, ppm meters, indefinitely checking. Technology has made our lives much Luxury and here is one of the best software’s that prove exactly that. However, all considered, advances in technology are for our general right, so we ought not to complain. The Free news is that you can now activate any serial key with Universal Keygen Generator. Perfectly Clear Crack is one of the best software. It has mastered the science of intelligent image correction. It supports all types of windows. Perfectly Clear 3-5 Crack + Keygen Code Free Download. Crack January 7, 2018 Software Leave a comment 67 Views. Perfectly Clear Crack Latest Version Free. SpyHunter 5.3.2 Crack with Email and Password 2019 Keygen Free Download is the product of Enigma software group are the maker of SpyHunter Crack received. SpyHunter 5.3.2 Crack with Email and Password 2019 Keygen Free Download is the product of Enigma software group are the maker of SpyHunter Crack received. Threats it is right now.

Active1 year ago

I'm currently involved in developing a product (developed in C#) that'll be available for downloading and installing for free but in a very limited version. To get access to all the features the user has to pay a license fee and receive a key. That key will then be entered into the application to 'unlock' the full version.

As using a license key like that is kind of usual I'm wondering :

  1. How's that usually solved?
  2. How can I generate the key and how can it be validated by the application?
  3. How can I also avoid having a key getting published on the Internet and used by others that haven't payed the license (a key that basically isn't 'theirs').

I guess I should also tie the key to the version of application somehow so it'll be possible to charge for new keys in feature versions.

Anything else I should think about in this scenario?

Robert Harvey
153k38 gold badges293 silver badges432 bronze badges
RiriRiri
5,78612 gold badges55 silver badges78 bronze badges

15 Answers

Caveat: you can't prevent users from pirating, but only make it easier for honest users to do the right thing.

Assuming you don't want to do a special build for each user, then:

  • Generate yourself a secret key for the product
  • Take the user's name
  • Concatentate the users name and the secret key and hash with (for example) SHA1
  • Unpack the SHA1 hash as an alphanumeric string. This is the individual user's 'Product Key'
  • Within the program, do the same hash, and compare with the product key. If equal, OK.

But, I repeat: this won't prevent piracy

I have recently read that this approach is not cryptographically very sound. But this solution is already weak (as the software itself has to include the secret key somewhere), so I don't think this discovery invalidates the solution as far as it goes.

Just thought I really ought to mention this, though; if you're planning to derive something else from this, beware.

Steven A. Lowe
54.5k16 gold badges122 silver badges198 bronze badges
Brent.Longborough

Code It Right Keygen software, free download

Brent.Longborough
6,8368 gold badges36 silver badges57 bronze badges

There are many ways to generate license keys, but very few of those ways are truly secure. And it's a pity, because for companies, license keys have almost the same value as real cash.

Ideally, you would want your license keys to have the following properties:

  1. Only your company should be able to generate license keys for your products, even if someone completely reverse engineers your products (which WILL happen, I speak from experience). Obfuscating the algorithm or hiding an encryption key within your software is really out of the question if you are serious about controlling licensing. If your product is successful, someone will make a key generator in a matter of days from release.

  2. A license key should be useable on only one computer (or at least you should be able to control this very tightly)

  3. A license key should be short and easy to type or dictate over the phone. You don't want every customer calling the technical support because they don't understand if the key contains a 'l' or a '1'. Your support department would thank you for this, and you will have lower costs in this area.

So how do you solve these challenges ?

  1. The answer is simple but technically challenging: digital signatures using public key cryptography. Your license keys should be in fact signed 'documents', containing some useful data, signed with your company's private key. The signatures should be part of the license key. The product should validate the license keys with the corresponding public key. This way, even if someone has full access to your product's logic, they cannot generate license keys because they don't have the private key. A license key would look like this: BASE32(CONCAT(DATA, PRIVATE_KEY_ENCRYPTED(HASH(DATA))))The biggest challenge here is that the classical public key algorithms have large signature sizes. RSA512 has an 1024-bit signature. You don't want your license keys to have hundreds of characters.One of the most powerful approaches is to use elliptic curve cryptography (with careful implementations to avoid the existing patents). ECC keys are like 6 times shorter than RSA keys, for the same strength. You can further reduce the signature sizes using algorithms like the Schnorr digital signature algorithm (patent expired in 2008 - good :) )

  2. This is achievable by product activation (Windows is a good example). Basically, for a customer with a valid license key, you need to generate some 'activation data' which is a signed message embedding the computer's hardware id as the signed data. This is usually done over the internet, but only ONCE: the product sends the license key and the computer hardware id to an activation server, and the activation server sends back the signed message (which can also be made short and easy to dictate over the phone). From that moment on, the product does not check the license key at startup, but the activation data, which needs the computer to be the same in order to validate (otherwise, the DATA would be different and the digital signature would not validate). Note that the activation data checking do not require verification over the Internet: it is sufficient to verify the digital signature of the activation data with the public key already embedded in the product.

  3. Well, just eliminate redundant characters like '1', 'l', '0', 'o' from your keys. Split the license key string into groups of characters.

Andrew Barber
34.6k14 gold badges80 silver badges109 bronze badges
Catalin S.Catalin S.

Simple answer - No matter what scheme you use it can be cracked.

Don't punish honest customers with a system meant to prevent hackers, as hackers will crack it regardless.

A simple hashed code tied to their email or similar is probably good enough. Hardware based IDs always become an issue when people need to reinstall or update hardware.

Good thread on the issue:http://discuss.joelonsoftware.com/default.asp?biz.5.82298.34

palerdot
4,4651 gold badge30 silver badges38 bronze badges
schoonerschooner
2,1518 gold badges25 silver badges37 bronze badges

When generating the key, don't forget to concatenate the version and build number to the string you calculate the hash on. That way there won't be a single key that unlocks all everything you ever released.

After you find some keys or patches floating in astalavista.box.sk you'll know that you succeeded in making something popular enough that somebody bothered to crack. Rejoice!

shooshshoosh
50.6k45 gold badges185 silver badges297 bronze badges

Besides what has already been stated..

Any use of .NET applications are inherently breakable because of the intermediate language issues. A simple disassembly of the .NET code will open your product to anyone. They can easily bypass your licensing code at that point.

You can't even use hardware values to create a key anymore. Virtual machines now allow someone to create an image of a 'licensed' machine and run it on any platform they choose.

If it's expensive software there are other solutions. If it's not, just make it difficult enough for the casual hacker. And accept the fact that there will be unlicensed copies out there eventually.

If your product is complicated, the inherent support issues will be create some protection for you.

Brant Herrett

The C# / .NET engine we use for licence key generation is now maintained as open source:

https://github.com/appsoftware/.NET-Licence-Key-Generator.

It's based on a 'Partial Key Verification' system which means only a subset of the key that you use to generate the key has to be compiled into your distributable. You create the keys your self, so the licence implementation is unique to your software.

Keygen Software Download

As stated above, if your code can be decompiled, it's relatively easy to circumvent most licencing systems.

gb2dgb2d
3,5077 gold badges42 silver badges87 bronze badges

I've used Crypkey in the past. It's one of many available.

You can only protect software up to a point with any licensing scheme.

Mitch WheatMitch Wheat
262k36 gold badges413 silver badges506 bronze badges

I don't know how elaborate you want to get

but i believe that .net can access the hard drive serial number.

you could have the program send you that and something eles ( like user name and mac address of the nic)

you compute a code based off that and email them back the key.

they will keep them from switching machines after they have the key.

Crash893Crash893
4,98720 gold badges79 silver badges116 bronze badges

I'm one of the developers behind the Cryptolens software licensing platform and have been working on licensing systems since the age of 14. In this answer, I have included some tips based on experience acquired over the years.

The best way of solving this is by setting up a license key server that each instance of the application will call in order to verify a license key.

Benefits of a license key server

The advantages with a license key server is that:

  1. you can always update or block a license key with immediate effect.
  2. each license key can be locked to certain number of machines (this helps to prevent users from publishing the license key online for others to use).

Considerations

Although verifying licenses online gives you more control over each instance of the application, internet connection is not always present (especially if you target larger enterprises), so we need another way of performing the license key verification.

Free trial of code it right

The solution is to always sign the license key response from the server using a public-key cryptosystem such as RSA or ECC (possibly better if you plan to run on embedded systems). Your application should only have the public key to verify the license key response.

So in case there's no internet connection, you can use the previous license key response instead. Make sure to store both the date and the machine identifier in the response and check that it's not too old (eg. you allow users to be offline at most 30 days, etc) and that the license key response belongs to the correct device.

Note you should always check the certificate of license key response, even if you are connected to the internet), in order to ensure that it has not been changed since it left the server (this still has to be done even if your API to the license key server uses https)

Protecting secret algorithms

Most .NET applications can be reverse engineered quite easily (there is both a diassembler provided by Microsoft to get the IL code and some commercial products can even retrieve the source code in eg. C#). Of course, you can always obfuscate the code, but it's never 100% secure.

I most cases, the purpose of any software licensing solution is to help honest people being honest (i.e. that honest users who are willing to pay don't forget to pay after a trial expires, etc).

However, you may still have some code that you by no means want to leak out to the public (eg. an algorithm to predict stock prices, etc). In this case, the only way to go is to create an API endpoint that your application will call each time the method should be executed. It requires internet connection but it ensures that your secret code is never executed by the client machine.

Implementation

If you don't want to implement everything yourself, I would recommend to take a look at this tutorial (part of Cryptolens)

ArtemArtem

The only way to do everything you asked for is to require an internet access and verification with a server. The application needs to sign in to the server with the key, and then you need to store the session details, like the IP address. This will prevent the key from being used on several different machines. This is usually not very popular with the users of the application, and unless this is a very expensive and complicated application it's not worth it.

You could just have a license key for the application, and then check client side if the key is good, but it is easy to distribute this key to other users, and with a decompiler new keys can be generated.

MariusMarius
43.9k25 gold badges118 silver badges139 bronze badges

I've implemented internet-based one-time activation on my company's software (C# .net) that requires a license key that refers to a license stored in the server's database. The software hits the server with the key and is given license information that is then encrypted locally using an RSA key generated from some variables (a combination of CPUID and other stuff that won't change often) on the client computer and then stores it in the registry.

It requires some server-side coding, but it has worked really well for us and I was able to use the same system when we expanded to browser-based software. It also gives your sales people great info about who, where and when the software is being used. Any licensing system that is only handled locally is fully vulnerable to exploitation, especially with reflection in .NET. But, like everyone else has said, no system is wholly secure.

In my opinion, if you aren't using web-based licensing, there's no real point to protecting the software at all. With the headache that DRM can cause, it's not fair to the users who have actually paid for it to suffer.

jugg1esjugg1es

I strongly believe, that only public key cryptography based licensing system is the right approach here, because you don't have to include essential information required for license generation into your sourcecode.

In the past, I've used Treek's Licensing Library many times, because it fullfills this requirements and offers really good price. It uses the same license protection for end users and itself and noone cracked that until now. You can also find good tips on the website to avoid piracy and cracking.

panpernicekpanpernicek

Like a few others mentioned, I'm a huge opponent of being hostile to customers by default—something that the licensing industry is notorious for. So I'll expand on a good solution for your problem that also offers a good customer UX.

To start off, you mentioned that you have a 'limited' version of your software that you're using to try and convert customers to 'upgrade' for additional features. So what you're looking for are feature licenses for your product e.g. a customer can purchase a license for feature-X or feature-Y.

I built Keygen with this type of licensing in mind. Keygen is a licensing REST API that allows you to manage user accounts, licenses and also track machine usage/associations.

What I would do is set up 2 license types (a policy within Keygen) where one is a base policy for the limited free version, and the other is a policy for the paid version.

I'm not sure what you're using for payments, but let's assume you're using something like Stripe (pretty standard nowadays) that offers webhooks. Keygen also has webhooks (whether you use it or not, all this is still applicable). You can integrate Keygen to talk with your payment provider using webhooks from both sides (think: customer.created->create base license for customer, license.created->charge customer for the new license).

So by utilizing webhooks, we can automate license creation for new customers. So what about license validation within the application itself? This can be done in a variety of ways, but the most popular way is by requiring your customer to enter a long license key into an input field which you can then validate; I think this is a terrible way to handle license validation in your application.

Why do I think that? Well first off, you're requiring your customer to input a tediously long license key that is meant for machine consumption, and second your requiring you and your customer to keep track of said tediously long license key.

Okay, so what's an alternative? I think the best alternative is doing something all of your customers are used to: allowing them to create an account for your product using an email/password. You can then associate all of their licenses and their machines with that account. So now instead of inputting a license key, they can simply log in using their credentials.

What advantage does that give you? Firstly, it gets rid of the need for you and your customers to keep track of license keys, since it's all handled behind-the-scenes inside of their user account and most importantly: you can now offer your customers self-serve license and machine activation! i.e. since all of their licenses and machines are associated with their user account, you can prompt them to purchase a license when they fire up your application on an unrecognized machine.

Now onto license validation: whenever your customer logs into your application with their email/password, you can query their user account for the licenses they own to determine if they can use feature-X or feature-Y. And since your application is now self-serve, you can allow your customers to purchase additional features directly from within your application!

So we've introduced a ton of automation to our licensing system, we can license individual features (i.e. a limited vs. full version), we've offered an awesome UX for our customers and we've also alleviated one of the biggest reasons for support requests: license key recovery.

Anyways, this got long but hopefully it helps somebody!

ezekgezekg

It is not possible to prevent software piracy completely. You can prevent casual piracy and that's what all licensing solutions out their do.

Node (machine) locked licensing is best if you want to prevent reuse of license keys. I have been using Cryptlex for about a year now for my software. It has a free plan also, so if you don't expect too many customers you can use it for free.

adnan kamiliadnan kamili
4,6734 gold badges39 silver badges83 bronze badges
Software

You can use a free third party solution to handle this for you such as Quantum-Key.Net It's free and handles payments via paypal through a web sales page it creates for you, key issuing via email and locks key use to a specific computer to prevent piracy.

Your should also take care to obfuscate/encrypt your code or it can easily be reverse engineered using software such as De4dot and .NetReflector. A good free code obfuscator is ConfuserEx wich is fast and simple to use and more effective than expensive alternatives.

You should run your finished software through De4Dot and .NetReflector to reverse-engineer it and see what a cracker would see if they did the same thing and to make sure you have not left any important code exposed or undisguised.

Your software will still be crackable but for the casual cracker it may well be enough to put them off and these simple steps will also prevent your code being extracted and re-used.

DamoDamo

protected by CommunityMay 5 '13 at 13:48

Thank you for your interest in this question. Because it has attracted low-quality or spam answers that had to be removed, posting an answer now requires 10 reputation on this site (the association bonus does not count).
Would you like to answer one of these unanswered questions instead?

Not the answer you're looking for? Browse other questions tagged c#license-key or ask your own question.

Request Codes are only necessary if you ownperpetual license software and need to request an activation codein order to manually activate software on a computer that doesnot have Internet access. Generating a request code is thefirst step of the process for manually activating yourAutodesk software.

Note: Request codes and manual activationare required only for perpetual license software. You need avalid serial number and product key in order togenerate a request code for your perpetual license software.You do not need a Request Code for subscription software or inorder to access your softwareonline using a serial number and product key.

Generating a Request Code with the Product ActivationWizard

You will only see the screens for generating a request code inthe product activation wizard if your computer is notconnected to the Internet. If your computer has an activeInternet connection, the software will assume you want to activateonline and it will not display the screens for a Request Code.

To generate a request code for manualactivation:

  1. Disable your Internet connection and launch your software.

    This is an offline process. The screens below will onlyappear if your computer is not connected to theInternet.

  2. Click the Activate button on theFree Trial screen.
    Note: Autodesk software products will operate on aFree Trial license until activated. If you purchased your softwareand didn't use it as a Free Trial, you still need to initiateactivation of your software from the Free Trial screen. Your screenmay look different depending on your product, but the processshould be similar for all supported products.
  3. Enter your Serial Number and Product Key and clickthe Next button.
  4. Select 'Request an activation code using an offline method' andclick the Next button.
    Note: You will only receive this screen and optionif you are using a computer that has no active Internetconnection. If your computer is connected to the Internet, thesoftware will assume you want to activate automatically over theInternet and you will not see the screen for generating a requestcode.
  5. Record the activation information provided.

  6. Process the activation in one of the following ways:

    • Enter the information at register.autodesk.com to get anactivation code instantly.
    • Complete the Web request form at the address provided on thescreen. (This method to get an activation code via email maytake up to 48 hours.)


  7. Click the Close button to exit thewizard and resume using your software in Free Trial mode.

Finding Stored Registration Information

Most products will generate an HTML file containing your requestcode and registration information when you install your Autodeskproduct using a valid serial number and product key.
Note: The registration file described below maynot be available for all products and platforms. If you cannot finda previously generated request code, please generate a new onefollowing the instructions above. See Activate Offline withActivation Code (Perpetual) for a complete description of theprocess for activating your software offline.

To find a Request Code saved on yourcomputer:

  1. Search for 'USRegInfo.html' on yourcomputer.
    Note: The file's location and name will varydepending on your product and operating system. Here are examplesof typical locations for the registration information:
    • For Windows Systems:
      C:ProgramDataAutodeskAdlmProductNameVersion_USRegInfo.html
    • For Mac Systems:
      /Library/ApplicationSupport/Autodesk/Adlm/ProductNameVersion_USRegInfo.html

    Don't see your request code?See:Can't find the html file for the request code

    All you have to do in order to get our Email hacking app for Android and iOS is to visit our website directly from your smartphone or tablet. Free password hack for website programs. This is why we created Email Hacker for mobile, an Android and iOS compatible version of Email Hacker that let’s you hack email passwords on the go! Nowadays we use our phones for nearly everything, why not for hacking? With Email Hacker for mobile you can hack Gmail, Yahoo, Hotmail and many other email account passwords directly from mobile phone or tablet.

  2. Open the file with your product name and version in the filename.

See Also:

sipoc.netlify.app – 2018