What the easiest way to handle licensing for .NET applications? [closed]

As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that t开发者_高级运维his question can be improved and possibly reopened, visit the help center for guidance. Closed 9 years ago.

I'm about to deliver my freelance Windows Forms project.

What is the easiest way to handle licensing? My target machine doesn't have internet access so I don't think validating via a webservice would be the best course of action.

I just don't want them to copy my program and run it on other machines, or even sell it themselves.

---

There are so many ways of doing it and they all depend on what your target audience/deployment environment is going to be.

Since you can't call home, you will need to rely on serial numbers. If you have a client/server architecture, then you can store the registrations on the server and clients can check them.

If it's just a client only app then you can 1) use serial numbers 2) have them generate a serial request which uses their MAC address or some other unique identifier to determine the machine they are installing on. This way when you issue a serial based on their request, it will only work on the machine in which the request was generated.

---

You can use a dongle, i think it's the safest way. A dongle can hold sensitive parts of your application and the application will not run until the dongle plugged in usb port, you should read more about it and i think there is a special dongle for dotnet apps. Trust me we use it in our company form long time.

---

If the terms of your software say that's how it is licensed, then that should be enough.

Don't forget that since you wrote this software, chances are good that you will be called back for fixes/enhancements. This should give you plenty of opportunity to see if your license is being abused.

---

There are obfuscation solutions that provide built in licensing security. You can try one of those. XenoCode is one of them. http://www.xenocode.com/

---

Include an installer for your software. This installer should set some registry keys that identify this machine as having a valid installation; your program will then interrogate those keys and determine if it should run.

The question of how to produce those keys and what they should be is answered by how esoteric you want to get. The simpler they are, the easier for you to implement, but the simpler for them to spoof. If you just want to make it easier to buy a license than to spoof the install, you can do that by having the installer require a license key that can be decrypted by it into something it will expect (like the name the user also typed in). Then it can encrypt and set a registry key that your program will decrypt when it starts to determine a valid install. This can be spoofed, and without Internet access it does not prove that one person is not using the same key on many computers.

If you want to make sure that EVERY installation is individually licensed, without fail, you must have internet access, because your installer or your program itself will have to talk to a centralized web service (or a license key server, common for enterprise installs) to determine that the key is genuine and not currently in use by another computer.