Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Idea's to licence application

Status
Not open for further replies.
Stevehewitt

Stevehewitt

IS-IT--Management
Jun 7, 2001
2,075
GB
Hi Everyone,

I'm after peoples ideas and suggestions about how to secure a access application. It's my first retail application, and I'm worried about how to licence it.

I'm planning to charge per user; but the database tables are going to be stored on MSDE or even SQL Server 2005 Express. Initially I was going to have code in the app where they can add new users where the customer must enter in a licence key. When added the app checks against a table which contains both keys and number of users. When entered the new user screen will only allow so many records to be entered in (depending on the value of users allowed according to the licence key table).

But the problem is what happens if some smart alec with some techy knowledge comes about and tries to create new users in SQL Server directly?

Thanks,



Steve.

"They have the internet on computers now!" - Homer Simpson
 
Sort by date Sort by votes
One little trick I did many years ago under FoxPro was to create a custom encryption for User IDs in a table. My encryption was based on shifting the ASCII Characters; based on a user registration date - calculated as a numeric value. The table would contain the registration date/time as a numeric value and then the encrypted user id. htwh,

Steve Medvid
"IT Consultant & Web Master"

Chester County, PA Residents
Please Show Your Support...
 
Upvote 0 Downvote
A trick used at a previous employer for app #1:

Use a SQL Server account for your application to communicate with the database, perhaps with details stored in the registry.

Then have a users table with the application users with their username and password, managed from within the application.
Your authentication screen presents a username/password screen, when the user clicks OK or hits enter, it connects as the application user then verifies that the username/password in the users table is valid and either lets them in or displays an "Invalid username/password" message as appropriate.

Combine this with smedvid's encryption of username/password encryption.

Trick no. 2
Use SQL Server accounts for connection, but have a table in the application database listing authorised users - your login screen checks that the user login ID is in this table and throws them out if not.

Both techniques allow them to use the SQL server for other applications whilst running yours as well. If anybody tries to work out how this works, it is obviously reverse engineering and thus a contravention of your license terms.

John
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

TheresAlwaysAWay
  • Locked
  • Question
Can Access be used to generate and respond to text messages? 1
Replies
6
Views
2K
TheresAlwaysAWay
TheresAlwaysAWay
renigar
  • Locked
  • Question
Access 365: Search LastName in one table to put EmployeeID in another
Replies
8
Views
525
renigar
renigar
TheresAlwaysAWay
  • Question
Crazy question: Can anyone help me create a routine to roll 2 dice 1000x and sum them? 4
2
Replies
22
Views
2K
Andrzejek
Andrzejek
lmcate
  • Locked
  • Question
How to Open ACCESS (MDB) from an HTML Page 1
Replies
2
Views
2K
lmcate
lmcate
atadbitslow
  • Locked
  • Question
how to search data and display matches that include the user's input, but not necessarily match
Replies
5
Views
306
atadbitslow
atadbitslow

Part and Inventory Search

Sponsor

Back
Top