The concept behind the hardware locking feature of SoftwarePassport/Armadillo is simple: by locking your program, you can prevent it from being used on any computer other than the one(s) you've licensed to use it. For a simpler (though less secure) method of enforcing your licensing agreements, please see The Network Licensing option. SoftwarePassport/Armadillo provides hardware locking by looking carefully at the user's computer and calculating a number that it believes uniquely describes that machine. It gives this number to the user on the Register dialog box (and passes it to your program in the FINGERPRINT or ENHFINGERPRINT environment strings). The user then gives the number to you (or whoever is generating the key). You enter the number into SoftwarePassport/Armadillo, and SoftwarePassport/Armadillo creates a key that will only work on that computer. Then you provide the key to the user.
What are the pros and cons of using hardware locking?
Most of the pros should be obvious: the user can't use your program on a dozen computers while only paying for one copy. One that might not be obvious is that only hardware locked keys can be securely removed from a system, if (for example) a customer wants a refund.
The drawbacks all stem from the same problem: if the hardware fingerprint changes for any reason (the user upgrades the motherboard or CPU, the user's computer breaks and he gets a new one, the user replaces his hard drive, etc.), the old key won't work anymore, and you'll have to issue the user a new one. We recommend that only those who truly need this feature enable it; it can become an annoyance for the legitimate users, and a maintenance nightmare for you if you have a popular program. For ways to minimize this risk, please see the topic "Customizing the Hardware Fingerprint" in the Armadillo Help.
Do I need the "standard" or the "enhanced" hardware locking?
Armadillo originally didn't have the customizable hardware locking options. You could only use the Standard or Enhanced hardware locking. For backward compatibility, we've kept that model for the default hardware locking options (although you can now customize it to make it more or less sensitive).
If you're using the custom hardware locking option, then you'll simply have two hardware locking "slots" to customize — you can use either one, or both if you wish. Just make sure you're using the right setting in each certificate, and the right environment variable (FINGERPRINT or ENHFINGERPRINT) if you're retrieving them in your program.
How do I use it?
Two parts: first, before you protect your program, you have to set up a certificate that uses it (the default certificate cannot, since it is intended to work on any system). This takes nothing more than selecting a radio button on the Edit Certificate screen.
Then, when you create keys for that certificate, you'll have to get and enter the user's hardware fingerprint (which SoftwarePassport/Armadillo will give to your program by way of the FINGERPRINT or ENHFINGERPRINT environment strings, and show to the user on the Enter Key dialog). That's all there is to it!
See also the following topics in the Armadillo Help:
- Designing Your Program's Defenses
- Environment Strings
- Hardware Locking
- Using SoftwarePassport/Armadillo Responsibly, or Getting Paid
