3 Ways to Prevent License Key Sharing in .NET Apps

---

When you sell .NET software, preventing license key sharing is critical to protecting revenue. A single license key shared across multiple computers means lost sales.

Here are 3 proven methods to stop unauthorized key sharing, with code examples using Quick License Manager.

Method 1: Hardware Binding

Hardware binding ties a license key to a specific computer by embedding a unique identifier in the key. Users cannot reuse the key on other machines.

Common Hardware Identifiers:

Computer Name - Recommended for enterprise customers. Survives hardware changes but can be bypassed if another computer uses the same name.

MAC Address - Network card identifier. Can be complicated with multiple network cards or USB adapters.

Volume Serial Number - Tied to hard drive. Changes if user reformats the drive.

Motherboard Serial Number - Strong security but some manufacturers don't use unique serial numbers.

Implementation with QLM:

using QlmLicenseLib;

public class LicenseValidator
{
    private QlmLicense license;

    public bool ValidateLicense(string activationKey)
    {
        license = new QlmLicense();
        license.DefineProduct(1, "MyApp", 1, 0, null, null);

        // Bind to Computer Name
        bool needsActivation = false;
        string errorMsg = string.Empty;

        bool isValid = license.ValidateLicenseAtStartupByBinding(
            ELicenseBinding.ComputerName,
            ref needsActivation,
            ref errorMsg
        );

        if (!isValid)
        {
            MessageBox.Show(errorMsg, "License Invalid");
            return false;
        }

        return true;
    }
}

When to use: Enterprise B2B customers where piracy is less common. Computer Name binding has minimal support issues.

When NOT to use: Consumer B2C markets where users might attempt to bypass protection.

Method 2: Limit Activations Per System

Prevent users from activating the same key multiple times by setting activation limits. This stops VM cloning and repeated trial abuse.

QLM enforces this with server properties:

• maxActivationsPerSystem - Maximum activations allowed per computer

• maxActivationsEnforcedOnVMsOnly - Enforce limits only on virtual machines

How It Works:

Each time a user activates a license, QLM increments the Activation Count. When the limit is reached, further activations are blocked.

Configuration:

In QLM Management Console:

1. Go to Manage Keys tab

2. Select Options → Server Properties

3. Set maxActivationsPerSystem (example: 3)

4. Set maxActivationsEnforcedOnVMsOnly to true or false

Manual Reset (if needed):

If a legitimate customer needs to reactivate:

1. Open QLM Management Console

2. Go to Manage Keys

3. Find the customer's license

4. Click Release to deactivate

5. Customer can now activate on new system

When to use: Trial licenses, consumer software, or any scenario where VM cloning is a concern.

Method 3: Server-Side Validation

Add periodic server checks to verify licenses are still valid and detect unauthorized usage.

Implementation:

public class ServerValidator
{
    private QlmLicense license;

    public bool ValidateWithServer(string activationKey)
    {
        license = new QlmLicense();
        license.DefineProduct(1, "MyApp", 1, 0, null, null);

        string response;
        bool isValid = license.ValidateLicenseOnServer(
            activationKey,
            out response
        );

        if (!isValid)
        {
            // License invalid on server
            DeleteLocalLicense();
            return false;
        }

        return true;
    }

    private void DeleteLocalLicense()
    {
        license.DeleteKeys();
    }
}

Benefits:

• Detects if the same license is activated on multiple computers

• Automatically invalidates stolen keys

• Provides usage analytics

• Enables remote license revocation

QLM's Illegal Computer Detection:

QLM automatically calls IsIllegalComputer during validation. If it detects the license is activated on another computer on the server, it deletes the local keys automatically.

When to use: Applications with internet connectivity. Not suitable for fully offline environments.

Combining Methods

The strongest protection combines all three:

1. Hardware binding - Ties key to specific machine

2. Activation limits - Prevents repeated activations

3. Server validation - Detects illegal usage

Recommended Settings by Market:

Enterprise B2B:

• Hardware Binding: Computer Name

• Activation Limits: Disabled or high limit

• Server Validation: Optional

Consumer B2C:

• Hardware Binding: Motherboard Serial Number or Volume Serial Number

• Activation Limits: 2-3 activations per system

• Server Validation: Enabled with daily checks

Affordable Software (<$100):

• Hardware Binding: Computer Name (minimize support)

• Activation Limits: 5 activations

• Server Validation: Weekly checks

Implementation Resources

Quick License Manager handles all these methods automatically:

• Download: https://soraco.co/quick-license-manager/qlm-downloads/qlmdownloadtrial/

• Documentation: https://docs.soraco.co

• Pricing: https://soraco.co/pricing

Works with .NET 6, 7, 8, 9, and 10.

Conclusion

Preventing license key sharing requires balancing security with customer experience. Choose methods based on your target market:

• Enterprise customers: Use Computer Name binding only

• Consumer software: Combine hardware binding with activation limits

• High-value software: Use all three methods

The goal is protecting revenue without frustrating legitimate customers.

---

Need help implementing license protection? Quick License Manager provides all these features out of the box with minimal code.