What is a good way to randomly generate some not-likely-to-be-randomly-generated-again activation codes to use for activating software? I am making an auto-fulfillment system for a web application.
I am using C#.
What is a good way to randomly generate some not-likely-to-be-randomly-generated-again activation codes to use for activating software? I am making an auto-fulfillment system for a web application.
I am using C#.
Guid.NewGuid().ToString()
If you don't mind a 36 character length.
It depends on your goals. A GUID is simple to generate, but it's a pain if the user has to enter it manually. That's fine if activation is happening by (say) clicking on a URL provided in email, or if you can expect the user to copy and paste a value from an activation email.
In other cases (e.g. shrinkwrapped software where the activation code is physically printed on the packaging in some manner), the user will be manually entering the code. In this case, you're better off using a method akin to what Microsoft and Blizzard use: generate a code consisting of five groups of five random alphanumeric characters (omit vowels if you want to eliminate the risk that an activation code will contains something like 4SHIT), and check each code generated against a master list for duplicates. (Though I think the odds of even a 100,000-sequence extracted from {1, 2, ... 34^26 - 1} containing a duplicate are pretty small. It's hard to say for sure, because the only way I know of calculating it overflows a double.)
When using Guid.NewGuid(), any GUID will match. So anybody can generate their own GUIDs and use them with your software. How would you differentiate between the genuine ones and others?
What you need is a cryptographic licensing scheme such as CryptoLicensing where only you can generate codes and your software will validate those codes.