I have created a .net application that is currently using a encrypted text file present in the application root to store the License information, I want to know if it is best to rewrite my application to store and retrieve license information from Isolated storage.
Is it safe to do so, I have read in the MSDN that is not a best idea to store un-encrypted passwords etc., in Isolated storage, but I am already using encryption for my license file. So is it safe.
My only requirement is that the user must not accidentally stumble upon the file and mess it up
Update:
- I don’t want to store the license information in a registry, as it is the first place any body with a basic computer knowledge would go, if he wants to “crack” the license of a product
- Databases might be a good idea, but except for sqllite, i don’t find any think that fits my requirements, and sqllite is my last option
As you have stated, the registry would be the first place someone would look in order to crack the application. Storing the license in a file on their computer is going to give anybody access to modify and work with the license file. Ultimately you have no control over what the end user is going to be able to do with “their” data.
I usually consider any excessive amount of work by a developer to prevent piracy to be a waste of time. Just implement enough security to prevent the average individual from being able to crack your product. Beyond that, if an individual wants to crack your product, they will do so. Learn from the big name game companies that try to prevent piracy; it’s rampant in that industry. Nobody will ever be able to prevent cracking of their products. Bottom Line: If code runs on a computer which a cracker has access to, he can bend the code to his will.