The Design of Software (CLOSED)

A public forum for discussing the design of software, from the user interface to the code architecture. Now closed.

The "Design of Software" discussion group has been merged with the main Joel on Software discussion group.

The archives will remain online indefinitely.

Sharing License Keys

Is it worth the time to try to implement a registration scheme that only allows a key to be used once?  Or will it just frustrate a user when they reformat their computer or move to a new computer and want to use their license key again?  I look forward to your opinion and/or past experience.
Tuesday, March 14, 2006
I once installed Together UML tool back when it was owned by TogetherSoft.  They tied the installation to the MAC address on the network card.  When I got a new computer it was not worth the bother to me to get a new valid license key, so I simply stopped using the product.
Tuesday, March 14, 2006
So they made a sale and didn't have to support you! (jk)
Tuesday, March 14, 2006
There's a fine line that you have to walk regarding how much you irritate the user with licensing.  The more valuable or necesary the software is, the more the user is going to be willing to put up with.
I work for a company that produces mortgage lending applications, an absolute necesity for a mortgage banker.  Our users have to go through all manner of nightmares to get our software installed and licensed, but they do it and just accept that its painful because they have to have our software. 
The same cannot be said for most basic ISV software.  If you irritate your customers and they have the option of not using your stuff, they likely won't.
So to answer your question, no, I don't think you should use single use license keys.  Unless you have a killer app and they have no choice, it'll end up hurting more than it will help.  Imagine how irritating it would be if we needed to call MS every time we re-installed Windows to get a new license key.
Martin Beechen Send private email
Tuesday, March 14, 2006
Very good point.  But I do hate when users threaten they will pass the key along to their friends if they do not get say an x% discount.  And also you may see a key show up on the Internet.
Tuesday, March 14, 2006
We've recently had to confront this issue. Our application is multi-user and has an MSDE database at its

The solution we arrived at was to generate a GUID when our application's database is first installed, and tie the licence to that GUID -- effectively linking the licence with the user's database, and not the machine itself.

One really nice thing about the way it works is that licences are either eval or perpetual. When you first install the software you'll automatically get a new database and a 30 day eval licence installed for you. If you want a perpetual licence, you hand over some cash first.

This way if someone does take a copy of the software and install it on another machine they can do so quite freely, but they'll only get 30 days of operation before most of the GUI becomes unavailable to them.

It's far from bullet proof, but it's good enough to deter trivial copying without creating major problems for our users.
Andrew Lighten Send private email
Tuesday, March 14, 2006
I won't buy a product if I know it uses a registration scheme like this.  Why do companies want to punish paying customers?  I'll never understand this.  People who pirate your software won't be inconvenienced by this.  People who pay for your software will.
SomeBody Send private email
Tuesday, March 14, 2006
Andrew: Yeah, I am not sure if there is a full proof way.

SomeBody: If people want to steal the software they will find a way, right?  That should not create an inconvenience for ho nest customers.  Seems similar to laws that try to ban guns.  The criminals are still going to find a way to get them.
Tuesday, March 14, 2006
Fool proof.
Artad Gobeski
Tuesday, March 14, 2006
With software without a license scheme tied to a computer, we were getting lots of single sales to companies.

As soon as we implemented an activation scheme, the sales pattern changed. We get lots of companies buying one license and 1-2 months later buying another 3-4.

The only conclusion I can come to from this is there are lots of companies who buy one copy so they get support and feel they are legal enough, but then run the software on several machines.
Wednesday, March 15, 2006
I *do* have to call MS every time i reinstall windows, apparently I've exceeded some random number of times i can install XP.. (always the same machine) so now every time i reinstall i have to call them.. annoying, but frankly they always chuck me back the number so i'm not that bothered. mostly cuz its an 0800 (free call) number. if i had to pay for it. well i wouldn't be happy.

i try to avoid anything requiring registration, 'activation' is a big no-no, since my main machine isn't always on the net its just to much of a pain unless there is no choice, i guess anything costing less than a few hundred quid doesn't cut it as 'that important' to bother with.

if i bought something requiring online registration of some sort, that didn't say so on the box (i look closely) it goes back as not fit for purpose, i have actually got refunds cus of this as well.

moral: don't irritate customers, they won't come back and repeat business / word of mouth recommendation is the best way to go. I remember hearing that if someone likes something they may tell one person, if they don't like it they will tell many more.
Claire Rand
Wednesday, March 15, 2006
>>The only conclusion I can come to from this is there are lots of companies who buy one copy so they get support and feel they are legal enough, but then run the software on several machines.

I'm pretty sure this is happening to me as well, I haven't done anything about it but will for my next major release.
Wednesday, March 15, 2006
Following on from Andrew Lighten's post, which talks about an MSDE, what about having the application talk to a database table on start up (if you are using windows authentication) so that only a certain number of users can be live. The table will have all usernames with a field indicating whether the username has been enabled. The count of the enabled's should not exceed the number of licences sold.

Since its a single sign on, you can check a users log on name against the list of 'live' users. You can also have the app check back from time to time so a user is not enabled for atart up and then disabled to allow others on. Sprinkle in a good dose of encryption to make it tamperproof.

You will have to do a bit of wireing to manage these permissions and then be able activate and deactivate users at will. But if it will keep your clients buying licences..? Also check out fogbugz licencing approach.

Wednesday, March 15, 2006
I don't think registration schemes are worth the hassle for you or the customer, except perhaps when the licences are £1000+.

>But I do hate when users threaten they will pass the key along to their friends if they do not get say an x% discount.

I would refuse to sell a licence to someone like that. I don't need that sort of customer.
Andy Brice Send private email
Wednesday, March 15, 2006
At application startup, you could display a splash screen that says "Licensed to Customer X; licensed for Y users". 
That will keep the honest people honest; isn't that good enough?
Chris Marshall Send private email
Wednesday, March 15, 2006
Seeing the frustration that Microsoft has achieved with their activation scheme, I would say

"Don't do it unless you can do it at least as well as Microsoft did."

They didn't go for a single-use activation key that would choke as soon as you reinstall.  And I've never had a problem activating a PC - never an unavailable server or a code that should work but somehow didn't.  But it's still one more number for me to track forever, and if I lose it, my investment is wiped out.  That bugs me.

I was wondering about an activation/ping concept - a new machine gets activated and the MAC or something gets recorded, then once a <arbitrary time period> the apps pings the home office.  If the old app is uninstalled or never run, and never is heard from again, then the new app is a fair reinstall.  If the old app resurfaces after the new app is activated, let the user pick:  Which one should be deactivated?
That's just me thinking out loud, though.  I don't claim to know all the ramifications.

Oh, and if you're targeting games this is probably fine but if you're targeting dev tools you may want to consider that cheating with virtual machines will make multiple installations look identical to this sort of scheme.  Frankly I don't see what even Microsoft is going to do about that.

What I mean to say is, it can be done but it's tricky and it's incomplete.  Which is why I think Chris Marshall's simple splash screen idea is really worth considering while you're going to all this trouble.
Chaz Haws Send private email
Thursday, March 16, 2006
What I've done is require the customer to provide the name that has been specified as the owner of their machine, in this case a Pocket PC. That information is fairly prominent on the device.

Then I generate a registration code dependent on the customer's name. Then when they activate the software, the registration routine looks up the value stored in the owner's name field. If it doesn't match what the original customer provided, then software doesn't unlock.

That has seemed to keep the honest users honest. If a key appears on the net, it can be traced back to the original purchaser.

Also, the user can re-install as many times as they wish as long as they have both pieces of information.

There have been only a few times where a customer has asked to change their name, because of a mispelling or something, and I have generated a new key for those customers. Sure, one or two license could possibly be leaked as a result, but I've had really good success with this approach.
Steve Brown Send private email
Monday, March 20, 2006
Piling onto Chaz's point about doing registration at least as well as Microsoft makes me think of the commitment to support a restrictive registration scheme would require. I do a lot of computing at odd hours... (ok... ALL hours.) and I always seem to be installing things at 3am... and that is when things go wrong. It would be a real bummer if for some reason my legit copy of an application wouldn't install because I require a new key and support (phone or rapid response email) was unavailable.
Matthew K Send private email
Wednesday, March 22, 2006

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics
Powered by FogBugz