Generating a unique machine id

windows winapi wmi uniqueidentifier
HS. picture HS. · Sep 19, 2008 · Viewed 101.3k times · Source

I need to write a function that generates an id that is unique for a given machine running a Windows OS.

Currently, I'm using WMI to query various hardware parameters and concatenate them together and hash them to derive the unique id. My question is, what are the suggested parameters I should use? Currently, I'm using a combination of bios\cpu\disk data to generate the unique id. And am using the first result if multiple results are there for each metric.

However, I ran into an issue where a machine that dual boots into 2 different Windows OS generates different site codes on each OS, which should ideally not happen.

For reference, these are the metrics I'm currently using:

Win32_Processor:UniqueID,ProcessorID,Name,Manufacturer,MaxClockSpeed
Win32_BIOS:Manufacturer
Win32_BIOS:SMBIOSBIOSVersion,IdentificationCode,SerialNumber,ReleaseDate,Version
Win32_DiskDrive:Model, Manufacturer, Signature, TotalHeads
Win32_BaseBoard:Model, Manufacturer, Name, SerialNumber
Win32_VideoController:DriverVersion, Name

Answer

Fabio Ceconello picture Fabio Ceconello · May 4, 2009

I had the same problem and after a little research I decided the best would be to read MachineGuid in registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography, as @Agnus suggested. It is generated during OS installation and won't change unless you make another fresh OS install. Depending on the OS version it may contain the network adapter MAC address embedded (plus some other numbers, including random), or a pseudorandom number, the later for newer OS versions (after XP SP2, I believe, but not sure). If it's a pseudorandom theoretically it can be forged - if two machines have the same initial state, including real time clock. In practice, this will be rare, but be aware if you expect it to be a base for security that can be attacked by hardcore hackers.

Of course a registry entry can also be easily changed by anyone to forge a machine GUID, but what I found is that this would disrupt normal operation of so many components of Windows that in most cases no regular user would do it (again, watch out for hardcore hackers).

Related questions

How to read ManagementObject Collection in WMI using C#

I found a code on net and have been trying to get more information about mo[]. I am trying to get all the information contained in ManagementObjectCollection. Since parameter in mo is looking for an string value which I dont …

Read More
Identify process using a file

I have been trying to figure out how to programmatically identify the process that has a lock on a particular file. I've searched through the Win32 API and WMI, but so far I can't find anything. I know it's possible …

Read More
Win32 code to get EDID in Windows XP/7

I found this page and was unable to get any useful information out of it (it searches the registry for something but never finds it and goes into an infinite loop). As this question regarding getting the monitor serial UID ("…

Read More