How to generate a user registration key in Delphi?

Arnold picture Arnold · Jan 9, 2012 · Viewed 8.2k times · Source

For my current application I use a very simple scheme to register new users. When a new user registers an email is sent with a key. To check wether this key is correct a kind of checksum is computed (3-7-11 digit check) which is added as the last 2 digits of the key. There is no check on any further validity of the key. The application does not check whether the key got invalidated.

It is a simple scheme and someone took the time to crack it by deassembling the code. I want to use another scheme for my new application but I am not sure what is the best way to do this.

  • Is there a Delphi library I could use?
  • Is it advisable to use some user supplied info in the key, like his name?
  • Is there a best practice way of registering users?
  • Anything else I have forgotten?

Some registration schemes require an application to check each time at a webserver whether the key is still valid. I'd rather not go that far because this requires a lot of effort on the server side.

Any suggestion or link for a robust way to register new users is very welcome.

Answer

kludg picture kludg · Jan 9, 2012

A better registration scheme is based on asymmetric cryptography (usually RSA algorithm). The idea is that only you can generate a valid key, while everybody can check that a key is valid (asymmetric cryptography allows this trick). So when you see your program with a valid key on torrents you just cancel support for a customer who was given this key.