The best advice on this topic : don’t spend too much time on this topic. Anything more than a day spent “protecting” your software is time wasted (IMO).
I went for very relaxed demo restrictions (a nag screen after 3 weeks use) and not a hugely brilliant idea for the registration keys using RSA (I later discovered my private key bit length is so short that 1 or 2 hours with a decent GPU would easily brute force it), the idea being that people are going to pay or they aren’t, but making it “difficult” to trivially pirate the plugins will encourage the ones on the fence to buy them perhaps*.
So far I’ve only seen one product of my 4 cracked, and it’s an old version with fewer features, which leads to the other common theme in that KVR thread: keep adding features.
[*] I’ve read on a discord channel someone who was lamenting the time wasted clicking “OK” on the nag screen and that they needed to buy a license for my plugins, so my anecdata sample size of 1 “proves” this might actually work.