EDN Admin
Well-known member
Hello All,
I was hoping someone could point me in the right direction on this issue. I need to setup the registration portion of our application, but Im not sure how to go about it.
Ideally, the application should require registration on the initial launch. User data would be collected and a registration key would be generated by the applicaiton. The application would connect to our web service where the registration key
is validated and a validation key is returned on successful registration. The registration key and the validation key would be stored, but Im not entirely certain of the best way to store the key pair, perhaps in the applications settings with user
scope? We would require key validation every year, so thats why Im thinking user scope.
The application code would be obfuticated so as to make it more difficult to disassemble the code that generates the registration and validation keys, but I know this is not bullet proof.
Were actually not charging for the software, but may have to charge for it in the future if the current business model is not successful, hence the registration requirement.
Are there any examples out there? For me, it seems the most difficult part is writing the algorithms that generate the registration key, then decifer it on the web service and return the validation key. Though admittedly, Im not sure where to
even begin with the entire registration portion, so all of it seems challenging right now.
I should add that I do not wish for the application to contact our web server to verify the validation key every time the application is started. The biggest flaw I can see in this approach, and its a big one, is that the code to verify the validation
key against the registration key would have to be included with the distributed app. Ouch!
Any suggestions of how to implement a more secure registration and validation method would be greatly appreciated. Are there any good examples out there of a reasonably secure registration system?
Thanks to all for their great efforts.
STI
<
STI
View the full article
I was hoping someone could point me in the right direction on this issue. I need to setup the registration portion of our application, but Im not sure how to go about it.
Ideally, the application should require registration on the initial launch. User data would be collected and a registration key would be generated by the applicaiton. The application would connect to our web service where the registration key
is validated and a validation key is returned on successful registration. The registration key and the validation key would be stored, but Im not entirely certain of the best way to store the key pair, perhaps in the applications settings with user
scope? We would require key validation every year, so thats why Im thinking user scope.
The application code would be obfuticated so as to make it more difficult to disassemble the code that generates the registration and validation keys, but I know this is not bullet proof.
Were actually not charging for the software, but may have to charge for it in the future if the current business model is not successful, hence the registration requirement.
Are there any examples out there? For me, it seems the most difficult part is writing the algorithms that generate the registration key, then decifer it on the web service and return the validation key. Though admittedly, Im not sure where to
even begin with the entire registration portion, so all of it seems challenging right now.
I should add that I do not wish for the application to contact our web server to verify the validation key every time the application is started. The biggest flaw I can see in this approach, and its a big one, is that the code to verify the validation
key against the registration key would have to be included with the distributed app. Ouch!
Any suggestions of how to implement a more secure registration and validation method would be greatly appreciated. Are there any good examples out there of a reasonably secure registration system?
Thanks to all for their great efforts.
STI
<
STI
View the full article