For quite a long time now, I have been trying to search for a simple licensing solution for my first commercial plugin. However, the more I learn about the subject, the more questions I have. I know that everything worthwhile will get cracked someday by someone, so I wouldn’t want to spend too much time trying to come up with a perfect copy protection solution. I’ve found few threads about the subject, but they are all more or less discussing the pros and cons of each approach.
I will be using Easy Digital Downloads as a distribution solution, which has a software licensing addon. However, it is created mainly for WordPress plugins, and such not quite matching my needs. I have seen many companies using a key file system, where you download a file to your computer to license the plugin, but I have no idea how it works and can’t find any information on the web. Restricting the usage on other computers would require creating a unique machine id for each user, but this too has many pitfalls. Machine properties like MAC addresses, CPU and motherboard models, HDD serial numbers, etc., are either easy to change or commonly shared. Furthermore, generating keys from the user’s machine attributes seems highly case-dependent and frankly vague. In one forum, someone said this:
“A simple hashed code tied to their email or similar is probably good enough. Hardware-based IDs always become an issue when people need to reinstall or update hardware.”
Due to my lack of knowledge in cryptography, this too is too general for me to start implementing anything.
I could go on and on about my concerns on this subject. For example, if the user downloads an updated version of the plugin, how can you identify that this guy already has a license for the product?
If anyone is willing to share how you handle licensing, I would be super grateful. Also, if you know of any books or other resources about the subject, please let me know.