Choosing Locking Criteria

A set of locking criteria seldom fits all the customers using your licensed application.

Therefore, while choosing a locking criteria you should take into consideration the following factors:

Important Factors: Choosing a Locking Criteria
Availability of a Locking Criteria

Do not choose a criteria that might not be available on the target computers. If desired, you may instead use the rare parameters as secondary locking criteria.

>Example 1: The same set of locking criteria might not apply to both standalone and network license environments.

>Example 2: For multi-homed computers, where a computer may have multiple IP addresses, a locking criteria needs to be carefully planned.
Security Benefits Versus the Risk of Failure

All license locking criteria provide a trade-off between security benefits and risk of failure. The more secure the fingerprinting, the less likely the customer is to defeat the licensing. However, the higher the risk of failure, the more likely it is that the customer will not be able to obtain a legitimate license.

>Example 1: Locking to host name gives less security, because your customer can change the host name on another computer to a duplicate name, thus gaining the ability to run the application on multiple computers. However, the host name also has a very low risk of failure, since it is not likely to change.

>Example 2: Locking to the disk ID gives greater security, but it has a greater risk of failure than the host name. It is more likely that the hard disk will fail and the customer will have to replace it, leaving your customer unable to obtain a license.
Inconvenience to Your Customers

In picking what criteria will make up the fingerprint, you need to balance your need for security against possible inconvenience to your customer. In a network where the IP addresses are dynamically allocated, locking a license to an IP address may often cause failure. Your customers will revert back to you for gaining access to the application. Also, before you decide the locking criteria, it might help to understand your customer’s network.
Using Computer ID key (CID key) for Portable Locking

The Sentinel RMS Computer ID keys (CID) are physical hardware tokens that provide portable, secure, and convenient license locking. The key can be attached to the USB or parallel port on a system and the license can be verified against it. In addition, the CID keys provide pre-activation of licenses, freeing you from the task of activation.

NOTE   Before considering hardware keys as an option for locking ensure that the use of external devices is allowed in the customer's environment.
Choosing a Non-standard Criterion
When the standard locking criteria seem inappropriate for locking licenses, use a custom criterion. You can choose between the standard custom and extended custom locking criteria. The standard custom can contain fingerprint data up to 4 bytes (unsigned long data type), while the extended custom can be up to 64-bytes (string). For example, to lock your license to the actual disk number (about 17 bytes long), you can use extended custom criterion.
When Multiple Instances of CID Keys, Ethernet Cards, Hard Disks, and CustomEx are Present on a System

When multiple instances of CID keys, Ethernet cards, hard disks, and CustomEx are present on a system, then it is possible to lock to any one of them. However, take care of the following while implementing this kind of locking:

>Use either the echoid utility (with -d option) or a custom option that calls:

Unified API: The SNTL_QUERY_FINGERPRINT_INFO query type of the sntl_licensing_get_info API.

Traditional API: The VLSgetNumberedMachineID or VLSgetNumberedMachineIDExt API).

>Multiple instances cannot be enumerated using Wechoid.

>Enumeration of multiple instances is not useful in the case of client-locked network licenses. Thus, locking codes based on the first index only should be specified while generating the license. Else, the license request will return an error. Note that this limitation does not apply to client-locked standalone and server-locked network licenses.