Another solution is to use a licensing technology with a dongle. This is a small device that plugs into USB or another I/O port on the host, and serves as a unique, physical key to activate the software.

另一种解决方案是使用带有加密狗的许可技术。这是一个插入主机上的 USB 或其他 I/O 端口的小型设备，用作激活软件的唯一物理密钥。

A third solution is to provide a license manager. That is, when the software starts up, it queries a server on the network (either on the customer's LAN or else accessed at your company via the internet) that validates that the customer's usage of the software is legitimate. This is a good solution for "concurrent licenses" so customers can install your software on many hosts, but you license it for simultaneous use on a limited number of hosts. FLEXnet Publisheris an example of a license management solution.

第三种解决方案是提供许可证管理器。也就是说，当软件启动时，它会查询网络上的服务器（在客户的 LAN 上或通过互联网在您的公司访问），以验证客户对软件的使用是否合法。这是“并发许可”的一个很好的解决方案，因此客户可以在许多主机上安装您的软件，但您许可它在有限数量的主机上同时使用。 FLEXnet Publisher是许可证管理解决方案的一个示例。

The MAC address of the network card is the solution I used last time I worked for a company that licensed software to run on a specific host.

网卡的MAC地址是我上次在一家公司工作时使用的解决方案，该公司许可软件在特定主机上运行。

However, I want to offer a caution: if you do this type of licensing, you have to anticipate that it'll become an ongoing administrative choreto track your customers' licenses. Once you have a few hundred customers, you'll be amazed at how frequently you get phone calls with requests to change keys

但是，我想提个醒：如果您进行此类许可，您必须预见到跟踪客户的许可将成为一项持续的管理工作。一旦你有几百个客户，你会惊讶于你接到电话要求更换密钥的频率

"We upgraded our server to a gigabit network adapter, and now the license won't work because the new adapter has a different MAC address."

“我们将我们的服务器升级为千兆网络适配器，现在许可证将无法使用，因为新适配器具有不同的 MAC 地址。”

Or else the customers may replace their whole machine, and need an updated license to run your software on the new machine. We got these calls practically every day at the company I worked for.

否则，客户可能会更换他们的整台机器，并且需要更新的许可证才能在新机器上运行您的软件。在我工作的公司，我们几乎每天都会接到这些电话。

You also need to trust the customer to stop using your software on the old computer (or network adapter) if you give them a new key. If you couldn't trust them to obey the license in the first place, how can you trust that they'll throw away the old key?

如果您给他们一个新密钥，您还需要相信客户会停止在旧计算机（或网络适配器）上使用您的软件。如果你一开始就不能相信他们会遵守许可证，你怎么能相信他们会扔掉旧钥匙？

If you don't plan how you're going to support this administrative activity, don't license your product in this way. You'll only inconvenience your good customers, who would have cooperated anyway.

如果您不打算如何支持此管理活动，请不要以这种方式许可您的产品。你只会给你的好客户带来不便，他们无论如何都会合作。

I'll play devil's advocate here and tell you that something like this probably isn't the best thing to discuss in "public".

我将在这里扮演魔鬼的拥护者，并告诉你这样的事情可能不是在“公开”中讨论的最佳方式。

With that said, look at what others may have done and possibly improve on (or take a portion of) it. MAC address, like you've said, is possibly okay to use. I've heard that Windows and other programs use hard drive information (serial number) -- according to this site, Windows Activation checks 10 different items and makes them into a unique key.

话虽如此，看看其他人可能做了什么，并可能对其进行改进（或采取一部分）。MAC地址，就像你说的，可能可以使用。我听说 Windows 和其他程序使用硬盘驱动器信息（序列号）——根据这个站点，Windows 激活检查 10 个不同的项目并将它们变成一个唯一的密钥。

best way is taking the UUID using C# in Windows

最好的方法是在 Windows 中使用 C# 获取 UUID

The Best Way To Uniquely Identify A Windows Machine

唯一标识 Windows 计算机的最佳方法

public string GetUUID()
{
    var procStartInfo = new ProcessStartInfo("cmd", "/c " + "wmic csproduct get UUID")
    {
        RedirectStandardOutput = true,
        UseShellExecute = false,
        CreateNoWindow = true
    };

    var proc = new Process() { StartInfo = procStartInfo };
    proc.Start();

    return proc.StandardOutput.ReadToEnd().Replace("UUID", string.Empty).Trim().ToUpper();
}

The idea I am toying with is using a few serial numbers or unique id's related to the hardware and hashing them together.

我正在考虑的想法是使用一些与硬件相关的序列号或唯一 ID 并将它们散列在一起。

Things that get upgraded: -Memory -MACs (can be spoofed, usb adapters get plugged in, etc.)

升级的东西： -Memory -MACs（可以被欺骗，插入USB适配器等）

Things that don't get upgraded often: -CPU -BIOS -Motherboard

不经常升级的东西：-CPU -BIOS -Motherboard

Using WMIC can be a great way to grab some info, I would start by grabbing things that don't change often as the first and preferred choice, I would like to be able to fingerprint at least 2 serial numbers or devices to use for generating a registration key.

使用 WMIC 是获取一些信息的好方法，我首先将不经常更改的内容作为首选和首选选择，我希望能够对至少 2 个序列号或设备进行指纹识别以用于生成一个注册码。

wmic cpu get DeviceId /format:value

That will grab the CPU ID, you could run that command for:

这将获取 CPU ID，您可以运行该命令：

1 - CPU (cpu:DeviceID) 2 - Motherboard (baseboard:serialnumber) 3 - BIOS (bios:serialnumber)

1 - CPU (cpu:DeviceID) 2 - 主板 (baseboard:serialnumber) 3 - BIOS (bios:serialnumber)

if you don't get at least 2 populated values, then grab

如果你没有得到至少 2 个填充值，那么抓住

4 - Network Adapter - (nic:MACAddress) 5 - RAM - (memphysical:SerialNumber)

4 - 网络适配器 - (nic:MACAddress) 5 - RAM - (memphysical:SerialNumber)

Depending on your business logic you can use the first two serial numbers available to create your registration number, and if you always follow the same order then on re-installs the registration number will still work, however if a device changes or a user tries to install on a secondary computer the id's change invalidating the registration number. To reduce the amount of tech support calls the least amount of hardware you fingerprint will give the least amount of headaches and if you try to fingerprint the least likely items to be upgraded that further reduces headaches. My preference is the order above.

根据您的业务逻辑，您可以使用前两个可用的序列号来创建您的注册号，如果您始终遵循相同的顺序，那么在重新安装时，注册号仍然有效，但是如果设备更改或用户尝试在辅助计算机上安装使注册号无效的 id 更改。为了减少技术支持电话的数量，您使用指纹的硬件数量最少，您的麻烦也最少，如果您尝试对最不可能升级的项目进行指纹识别，则可以进一步减少麻烦。我的偏好是上面的顺序。

You could use a Diffie-Hellman key exchange scheme to have the user generate a private/pulic key pair with their hardware id's as a payload, then pass this information up to a registration server where the registration server would use a public/private key to decrypt the payload and compute the registration key to return back to the end user. I like to use JWT to pass things back and forth witht he public keys included in the payload of the JWT. Hope that helps.

您可以使用 Diffie-Hellman 密钥交换方案让用户生成一个私钥/公钥对，并将其硬件 ID 作为有效负载，然后将此信息传递给注册服务器，注册服务器将使用公钥/私钥来解密有效负载并计算注册密钥以返回给最终用户。我喜欢使用 JWT 来回传递包含在 JWT 负载中的公钥。希望有帮助。

UUID was mentioned above and is a great idea you can get that by using the below command from your windows cmd.exe:

上面提到了 UUID，这是一个好主意，您可以通过使用 Windows cmd.exe 中的以下命令来获取它：

wmic csproduct get UUID /format:value      

Disclaimer these command only work for Windows I think 2000 and above but you would need to verify, they maybe available for systems below 2000 but at that point I really try not to support those devices. Good luck. *Looks like WMI is being deprecated in favor of powershell so to keep this post current here are the power shell commands.

免责声明这些命令仅适用于我认为 2000 及更高版本的 Windows，但您需要验证，它们可能适用于 2000 年以下的系统，但那时我真的尽量不支持这些设备。祝你好运。* 看起来 WMI 正在被弃用，以支持 powershell，因此为了使这篇文章保持最新状态，这里是 power shell 命令。

Get-CimInstance -ClassName Win32_Processor | Select SerialNumber

Get-CimInstance -ClassName Win32_BaseBoard | Select SerialNumber

Get-CimInstance -ClassName Win32_Bios | Select SerialNumber

Get-NetAdapter -Physical | Where-Object Status -like Up | Select-Object MacAddress

Get CimInstance -ClassName Win32_PhysicalMemory | Select SerialNumber

The network adapter cmdlet will only check for physical adapters so a virtual adapter couldn't be used and manipulated and I like to use the first adapter that is Up or being used so that a spare NIC can't be swapped around for install reasons.

网络适​​配器 cmdlet 将只检查物理适配器，因此无法使用和操作虚拟适配器，我喜欢使用第一个已启动或正在使用的适配器，以便无法出于安装原因交换备用 NIC。

On Mac:

在 Mac 上：

system_profiler | grep "Serial Number (system)"

On Linux (debian):

在 Linux (debian) 上：

sudo dmidecode -t system | grep "Serial Number"

dmidecode and system_profiler has other components it can grab serial numbers from similar to wmic in windows. I don't work on macs so I can't confirm a list of exact specs but creating a list of LCD (least common denominator) the serial numbers for the parts that all three commands can access is put together and groomed to the least likely parts to be upgraded or changed. Then a combination of the top 2-3 numbers hashed can make for a unique machine id that's a bit more robust and allows a cross platform app to be activated even on a device with it's operating system updated.

dmidecode 和 system_profiler 有其他组件，它可以从类似于 windows 中的 wmic 获取序列号。我不在 Mac 上工作，所以我无法确认确切的规格列表，但会创建一个 LCD（最小公分母）列表，将所有三个命令都可以访问的部件的序列号放在一起并整理到最不可能的要升级或更改的部件。然后，将散列的前 2-3 个数字组合起来，可以生成一个更强大的唯一机器 ID，并允许跨平台应用程序即使在操作系统更新的设备上也能被激活。

I would just use the MAC address to generate a request key, then require users to register with your client. Your client will have a special application that takes that request key and produces an activation key which the user can then use for activating the software. Once activated, the software works, just works - no occasionally phoning home for verification and such.

我只会使用 MAC 地址来生成请求密钥，然后要求用户向您的客户端注册。您的客户端将有一个特殊的应用程序，它获取该请求密钥并生成一个激活密钥，然后用户可以使用它来激活软件。一旦激活，该软件就可以正常工作了 - 没有偶尔打电话回家进行验证等。

That's if it were a real requirement. My first task would be to try and convince the client that this was a bad idea.

那是如果它是一个真正的要求。我的首要任务是尝试说服客户这是一个坏主意。

The reason is that these schemes practically neverprevent your code from being cracked. They do however make the lives of your genuine customers harder. I find it hard to think of any other industry that goes out of its way to annoy its genuine customers with schemes that never achieve their goals (other than government service, of course :-).

原因是这些方案实际上永远不会阻止您的代码被破解。然而，它们确实让您的真正客户的生活变得更加艰难。我发现很难想到任何其他行业会不遗余力地用永远无法实现其目标的计划来激怒其真正的客户（当然，政府服务除外:-）。

If you mustdo this, I'd just do a token effort to meet the contractual obligation (don't tell your client this however). Taking the MAC address (or a random number if, $DEITYforbid, the computer didn't have a network card) as the request key and using a program to just XORit with an ASCII string to get the activation key, seems like a workable approach. I would also store both keys since you don't want the software to de-activate if they just change their network card (or even motherboard) - they still see that as the same computer and will not be happy if the software stops working.

如果你必须这样做，我只会做一个象征性的努力来履行合同义务（但是不要告诉你的客户）。将 MAC 地址（或随机数，如果$DEITY禁止，计算机没有网卡）作为请求密钥并使用程序仅XOR使用 ASCII 字符串来获取激活密钥，似乎是一种可行的方法。我也会存储这两个密钥，因为如果他们只是更换网卡（甚至主板），您不希望软件停用 - 他们仍然认为这是同一台计算机，如果软件停止工作，他们不会高兴。

Your code's going to be cracked regardless (unless the program is rubbish which I'm sure is not the case) - this method will give your genuine customers an avenue for moving their software to another machine if your client's company becomes unresponsive somehow (drops support, goes out of business, and so on).

无论如何，您的代码都会被破解（除非程序是垃圾，我确定不是这种情况） - 如果您的客户的公司不知何故变得没有响应（放弃支持），这种方法将为您的真正客户提供将他们的软件转移到另一台机器的途径、停业等）。

The main trouble with allschemes that rely on the uniqueness of a bit of hardware is that the customer may choose to change that bit of hardware:

所有依赖于硬件位唯一性的方案的主要问题是客户可能会选择更改硬件位：

• ghosting their disk contents to a larger hard disk makes HD serial numbers change.
• using CPU serial numbers means upgrading to the latest Intel bigmutha CPU kill your software.
• using the MAC address means they can't change their NIC.

• 将磁盘内容重影到更大的硬盘会使 HD 序列号发生变化。
• 使用 CPU 序列号意味着升级到最新的 Intel bigmutha CPU 会杀死您的软件。
• 使用 MAC 地址意味着他们不能更改他们的 NIC。

These can all be fixed by using those values to create a key at install time and only check against that key, not the changed value six months down the track. It means you have to store the request and activation values but upgrades will not require your users to go through the process of re-activating their software. Believe me, they will despise you for having to do that.

这些都可以通过使用这些值在安装时创建一个密钥来修复，并且只检查该密钥，而不是六个月后更改的值。这意味着您必须存储请求和激活值，但升级不需要您的用户重新激活他们的软件。相信我，他们会因为你不得不那样做而鄙视你。

There is no sure way to uniquely identify a computer, if you assume a computer is built with many parts that can be replaced eventually.

如果您假设一台计算机由许多最终可以更换的部件构成，则没有确定的方法来唯一标识一台计算机。

Some hardware parts - MAC address, HDD disk serial number, even motherboard serial, etc - are a few good sources of "uniqueness" but as you may know if a client decides to upgrade the part the license depends on... be prepared for some customer support. Also to keep in mind is that some parts can be spoofed (the MAC being one of them).

一些硬件部件——MAC 地址、硬盘驱动器磁盘序列号、甚至主板序列号等——是“唯一性”的一些很好的来源，但你可能知道如果客户决定升级许可证所依赖的部分......做好准备一些客户支持。还要记住的是，某些部分可以被欺骗（MAC 就是其中之一）。

An online license check is another good way to go - you can manage everything on the server side and even define your own rules for it (how many licenses per client/install, concurrency, etc) but the big thing to note is what happens when connection can't be established?

在线许可证检查是另一种好方法 - 您可以管理服务器端的所有内容，甚至可以为其定义自己的规则（每个客户端/安装有多少许可证、并发性等），但要注意的重要事情是当无法建立连接？

How about using MotherBoard unique serial number?

使用主板唯一序列号怎么样？

Open up Registry and navigate to

打开注册表并导航到

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography

Find the key called “MachineGuid” this key is generated uniquely during the installation of Windows and it won't change regardless of any hardware swap (apart from replacing the boot-able hard drive where the OS are installed on). That means if you want to keep tracking installation per OS this is another alternative. It won't change unless you do a fresh reinstall of Windows.

找到名为“MachineGuid”的密钥，该密钥是在 Windows 安装过程中唯一生成的，无论任何硬件交换（除了更换安装了操作系统的可启动硬盘驱动器外）都不会改变。这意味着如果您想跟踪每个操作系统的安装，这是另一种选择。除非您重新安装 Windows，否则它不会改变。

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography

"MachineGuid” key is generated uniquely during the installation of Windows and it won't change regardless of any hardware swap (apart from replacing the boot-able hard drive where the OS are installed on). I am not sure about this.

“MachineGuid”密钥是在 Windows 安装过程中唯一生成的，无论硬件交换如何，它都不会改变（除了更换安装了操作系统的可启动硬盘驱动器）。我不确定这一点。

MY SUGGESTION

我的建议

You can Use that MachineGuid, Hard Disk Serial Number, Mother Board Serial Number and UUID. Together HASH it using SHA 256 or any other HASH function.

您可以使用该 MachineGuid、硬盘序列号、主板序列号和 UUID。一起使用 SHA 256 或任何其他 HASH 函数对其进行 HASH。

UUID- wmic csproduct get UUID

UUID- wmic csproduct 获取 UUID

MachineGuid- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography

MachineGuid- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography

Hard Disk Serial Number- wmic diskdrive get serialnumber

硬盘序列号- wmic diskdrive 获取序列号

BIOS Serial Number- wmic bios get serialnumber

BIOS 序列号- wmic bios 获取序列号

Mother Board Serial Number- wmic baseboard get serialnumber

主板序列号- wmic基板获取序列号

how about hashing anything that has a burned-in SN, harddrive, proc, ram, etc... this hash will remain with the computer until it has it's parts replaced.

散列任何有烧入的 SN、硬盘、proc、ram 等的东西怎么样……这个散列将保留在计算机中，直到它的部件被更换。