Technology to Prevent Multiple logins to the Same Computer

Question

I re-asked this question here because the people at ServerFault deemed that this is the appropriate place to ask this.

I am trying to prevent people from multiple login into one single computer and use my application simultaneously. In other words I want to prevent it from running twice on the same computer, at the same time In any given time there shall be only one single user running my application.

There is a reason for me to set the license usage that strict; my app serves a very specialized and very niche market. Hence, each copy costs around tens of thousands. If such multiple remote login tech gains prominence I would be put out of business in no time.

This is because I want to stop them from buying one license, install it on a machine, and use certain remote desktop technologies to do multiple user login. I want to prevent them from violating the license agreement technologically, instead of law enforcement.

Is there anyway that I can do in my application for this? Or is multiple login simultaneously is simply not possible?

I would prefer a non-dongle solution. My application runs on Windows only.

Edit: To complicate the matter further, I allow simultaneous different version access ( my clients can install multiple version of the same software on one machine and fire them up at the same time). I just don't allow simultaneous remote login.

Answer 1

Do you want to prevent it from running twice on the same computer?

If that's the case the solution can be quite simple; take out a system-wide mutex or some similar approach, and then just check that and make sure it doesn't already exist. You could open a socket, or whatever, to achieve that.

Or do you want to somehow stop an account, other than the one that installed it, running it?

Answer 2

Let me clarify my standpoint a little. At least silky and I seem to be interpreting this in a different manner.

From what I understand, you are trying to prevent multiple users (or more instances of the same user) from logging in on the machine at the same time. In this you assume that the sole purpose of the machine is to run your application, which will generally not be the case.

Using silky's approach (system-wide mutex) to prevent multiple instances from running on the same machine is acceptable. Personally, I'd want to make sure there is no valid use case for a single user running two instances of your application to accomplish a task, before taking this approach.

See also this programmer's pet peeve. Preventing multiple users from using the same machine falls into the same category ;)

As for your multiple version problem: choose a unique name for your system-wide mutex for every (major?) version of your application.

Basic example with a system-wide Mutex:

static class Program
{
    private static Mutex appMutex = new Mutex(false, "Global\\MyApp 1.0");

    [STAThread]
    static void Main()
    {
        if (!appMutex.WaitOne(0))
        {
            MessageBox.Show("Application is already running. Have a nice day.");
            return;
        }

        // ...
    }
}

The Global\ prefix makes the mutex shared over multiple terminal server sessions. Without it, it would only prevent a user from running two instances in the same session.

You should test this approach on an account that has limited rights, as it might be possible that restricted accounts cannot create such a mutex at all.