Sorry your browser is not supported!

You are using an outdated browser that does not support modern web technologies, in order to use this site please update to a new browser.

Browsers supported include Chrome, FireFox, Safari, Opera, Internet Explorer 10+ or Microsoft Edge.

DarkBASIC Professional Discussion / Need help with keys for game

Author
Message
HellsDevilDog
13
Years of Service
User Offline
Joined: 18th Mar 2011
Location: Ohio
Posted: 19th Mar 2011 01:16
Link
So as my game draws near it's finished state, I was wanting to implement keys to it, Such as add them to an online database, then the user would enter a key at main menu and it would check to see if it's a valid key or not. Only problem is, I'd have no idea once or ever on how to accomplish this task! So I decided to ask for assistance from you nice people here. ^_^ Thanks!

Feel free to suggest an alternative method to get this accomplished, thanks!
Back to top
Profile PM Website
Non Sequitur M
15
Years of Service
User Offline
Joined: 28th Oct 2008
Location: Where am I!? Where are YOU?
Posted: 19th Mar 2011 16:38
Link
First, you need to explain why it would be necessary to read keys from an online database and not in program?

Secondly, how can your game be near a finished state without a control scheme? How have you been testing different aspects of the program for user friendliness and functionality/efficiency?

If life were like a box of chocolates, I'd know what I would get... The one that got dropped on the floor and put back in the box.

Iye nehvur yoose spehl chehk, ahn mie tippyng izz fiyne.
Back to top
Profile PM Email
IanM
Retired Moderator
21
Years of Service
User Offline
Joined: 11th Sep 2002
Location: In my moon base
Posted: 19th Mar 2011 17:01
Link
I think that when he says 'keys', he's not talking about keys on a keyboard, and is talking about copy-protection keys.

Get the latest Matrix1Utility plug-ins (23-DEC-2010)
Back to top
Profile PM Email Website
Non Sequitur M
15
Years of Service
User Offline
Joined: 28th Oct 2008
Location: Where am I!? Where are YOU?
Posted: 19th Mar 2011 19:00 Edited at: 19th Mar 2011 19:01
Link
Oh! Authentication keys... My bad.

You would need to have a unique key, for each copy sold, in a format such as XXXX-XXXX-XXXX-XXXX, or something. If you do a free demo kind of thing, you wouldn't include a key file. Instead, when they bought the product, what they would actually be buying is a key file. The program would recognize this file, and they would enter the code they were given upon purchase, and the program would unlock.

Someone correct me if this overly complicated. But, to me this seems the best option.

If life were like a box of chocolates, I'd know what I would get... The one that got dropped on the floor and put back in the box.

Iye nehvur yoose spehl chehk, ahn mie tippyng izz fiyne.
Back to top
Profile PM Email
Grog Grueslayer
Valued Member
18
Years of Service
User Offline
Joined: 30th May 2005
Playing: Green Hell
Posted: 19th Mar 2011 20:31 Edited at: 19th Mar 2011 20:32
Link
You basically just create that key based on something the user has to type in like their name. If you want that key to not work on other computers then you add hardware thats on the computer that registers the key.

What the following code snip does is it takes the users name and converts each letter to it's ascii number, reduces the numbers by adding each set of numbers, and finally creating the authentication key by randomly picking numbers from the reduced number string.

If you use the same name it'll pick the same authentication key every time because the random seed is 500... if you want to change the key it produces change the 500 to some other number or add any number of processes to add/change the numbers.



Back to top
Profile PM Email
Quel
15
Years of Service
User Offline
Joined: 13th Mar 2009
Location:
Posted: 19th Mar 2011 21:01
Link
Coming up with an authorization key generation algorithm is not the way to success in my opinion. That's why crackers 'just' figure out how a certain program generates those, and there, the program now can be used by everybody for free.

Just assign random numbers to anybody purchased, of course paying attention to the fact that there cannot be two orders with the very same numbers.

Generating according to certain rule(s) has been thought up for massively produced software, where the manufacturer can't put different code to each of the media storages. AND the user is not guaranteed to be an Internet user as well.

But if you make it a must be online stuff, go with simply random numbers as said above.
Back to top
Profile PM
Non Sequitur M
15
Years of Service
User Offline
Joined: 28th Oct 2008
Location: Where am I!? Where are YOU?
Posted: 20th Mar 2011 04:14 Edited at: 20th Mar 2011 04:15
Link
Well, if the players have to buy a key file, then there won't be a way to hack the program easily and still have it playable online. Without the proper file to check the key against, then the program just won't accept the code.

That's why I said they have to buy the key file. Otherwise, the game would just be stuck in 'demo mode.'

If life were like a box of chocolates, I'd know what I would get... The one that got dropped on the floor and put back in the box.

Iye nehvur yoose spehl chehk, ahn mie tippyng izz fiyne.
Back to top
Profile PM Email
Wyldhunt
14
Years of Service
User Offline
Joined: 27th Sep 2009
Location: The Dark Side
Posted: 20th Mar 2011 09:59 Edited at: 20th Mar 2011 10:02
Link
If the players buy a key file, then they will just torrent the key file.
If you really want to prevent hackers for as long as possible, you need to have some type of number generator such as the one posted above. When someone purchases the game, you would need to check the database to see if that number already exists in the database and if it does then add 1 or something.
The db can have multiple fields for that unique key such as name, Hacked, and number of active connections. Have the Number of Active Connections field subtract 1 every 5 minutes. Have your game add 1 every 5 minutes.
You can program the game to update the Hacked field to 1 if it ever has more than 5 active connections at one time.
When the game first boots, if Hacked = 1, then give them some message about smurfs coming for them in the night and exit.
That would make an active internet connection a requirement for your game, but it would guarantee that people wouldn't want to share their key.

Eventually, if it becomes popular enough, someone will hack it and change the IP it checks to be the client PC so that they can make it always answer
Hacked = 0. But, you can never eliminate hacking. Just slow it down.
Back to top
Profile PM
SH4773R
14
Years of Service
User Offline
Joined: 18th Jan 2010
Location: AMERICA!!!
Posted: 20th Mar 2011 10:21
Link
Why not have accounts for players and have people buy keys for the account and have the program check if the account has a key? Also iv seen programs that make installer
.exe's that you can add key protection

__________________________________________

My software never has bugs. It just develops random features.
Back to top
Profile PM Email
Wyldhunt
14
Years of Service
User Offline
Joined: 27th Sep 2009
Location: The Dark Side
Posted: 20th Mar 2011 10:26 Edited at: 20th Mar 2011 10:38
Link
That's how WoW does it and it works well. That would also add the ability to sell monthly subscriptions to the game and such.
You'd still want a Hacked field to prevent abuse though. Otherwise, people could just share their account info.
Probably want to keep track of IP's on server side too. If the same IP tries to log in with more than a few ID's in 5 minutes, IP ban them. They're trying to use some type of generator to ride someone elses account.
If you limit it to only a single person being able to be logged in to the account at any one time, it will tighten up security even more, but you begin to run the risk of losing customers at that point. If there is a familly with a husband, wife, and 2 children, I guarantee that they won't want to buy the game 4 times. Best to allow one account per houshold and as long as everyone is logging in from the same IP, let them in. Or, just set a hard limit of 5 at once.

EDIT:
Question: Were you hoping for ideas on the theory of what you needed to set up (What we've been giving you), or were you hoping for help with the actual client/server code to check/update an online database from the game client?
Back to top
Profile PM
SH4773R
14
Years of Service
User Offline
Joined: 18th Jan 2010
Location: AMERICA!!!
Posted: 20th Mar 2011 10:34
Link
Also make it so only one game can be launched off the same account like steam

@wyldhunt
Come to think about it that's how minecraft does it too.

__________________________________________

My software never has bugs. It just develops random features.
Back to top
Profile PM Email
HellsDevilDog
13
Years of Service
User Offline
Joined: 18th Mar 2011
Location: Ohio
Posted: 20th Mar 2011 23:15
Link
thanks for all the help, And just any information is helping to come to a solution, Weather it be codes or not, Although I avoid copy/pasting any data, Rather generate my own.

After reading what all suggested, I'm liking the one Quel and Wyldhunt mentioned the best, That seems like the best way so far to limit it 5 connections per account. But for the program to check online database, I would have no idea how to accomplish this yet, I've never studied any online functionality DB may or may not have to offer, I do enjoy learning new things though, Could someone enlighten me?
Back to top
Profile PM Website
Non Sequitur M
15
Years of Service
User Offline
Joined: 28th Oct 2008
Location: Where am I!? Where are YOU?
Posted: 21st Mar 2011 03:44 Edited at: 21st Mar 2011 03:47
Link
Quote: "If the players buy a key file, then they will just torrent the key file."


So?? The key file would contain a key unique to each sale. If they torrent it, it wouldn't matter. Only one copy of the software with that key file would be able to be registered at any one time. Look:

Jim D. buys a copy of Rad Game X. After purchase, he receives a key file from your company containing a unique one-time key, something like 1D29-4BB80-7YHT2-6MN6. When he puts the file in the correct directory, and enters the correct key, then the game unlocks. And, the algorithm for generating and encrypting the key is on the company computer, not the customers' computers. How is he going to hack your key file? Hack into your computer to get the algorithm? Ha! That would take a world class hacker, not some kid trying to hack a frickin' game!

Also, this method would mean a family could have multiple accounts on the same computer without extra subscriptions.

I'm sorry Wyldhunt, but your "WoW" solution is overly complex for what it accomplishes.

In summation, these are the 4 things my method would need:
1) A customer with an internet connection(How many people don't these days?).
2) A randomization and encryption algorithm.
3) A file with a unique key.
4) A decryption algorithm in the target software.

[EDIT]: Also, you do realize my method is used alongside a key archive, correct?

If life were like a box of chocolates, I'd know what I would get... The one that got dropped on the floor and put back in the box.

Iye nehvur yoose spehl chehk, ahn mie tippyng izz fiyne.
Back to top
Profile PM Email
HellsDevilDog
13
Years of Service
User Offline
Joined: 18th Mar 2011
Location: Ohio
Posted: 21st Mar 2011 05:53
Link
Ah, Alright, i see what you mean now (kinda), I see how your method works, That seems quite nice aswell. But If you could, Explain in a bit more detail so I can fully grasp the concept you're elaborating? Thanks! ^_^
Back to top
Profile PM Website
Non Sequitur M
15
Years of Service
User Offline
Joined: 28th Oct 2008
Location: Where am I!? Where are YOU?
Posted: 21st Mar 2011 19:24
Link
Oh, boy... I've always been bad at explaining things! Haha.

OK.

Someone buys your game, and they receive a download link from your website for a file containing their unique activation key, which is randomized and encrypted by a program that is made to do just, and only, that(Grog's algorithm is a good example). After the key has been purchased, you would archive that key in a database at your company so that no other person could accidentally receive that same key. Next the customer is instructed where to place the key file(or, you can make an installer that drops the file into the correct directory). Once the file is in the correct place on the customer's computer, they start up the game. Somewhere on the main menu could be an option such as "Activate", or "Upgrade to Full". They would click on that option and be greeted by a code screen with blanks to type the code into. After they hit enter, or click "Done", or however they complete the prompt, their copy of the software would connect to your server. Your computer would then acknowledge that the copy of the software had been activated and put a flag on the key that you have in the database, thus allowing no more use of that key on another computer! Voila!

In the long run, no one could just 'make' a key file and activate, because it has to be in your database, so the program will tell them to buy a copy of the game. Nor could anyone release their key file online, because only one computer can have that one key assigned to it due to the flag on the key from the first activation.

If you still don't understand, then I hope someone who reads this post, and understands it, could explain it better than I. If you did understand it, then good luck with your game!

If life were like a box of chocolates, I'd know what I would get... The one that got dropped on the floor and put back in the box.

Iye nehvur yoose spehl chehk, ahn mie tippyng izz fiyne.
Back to top
Profile PM Email
DVader
20
Years of Service
User Offline
Joined: 28th Jan 2004
Location:
Posted: 21st Mar 2011 19:45
Link
FTP would be the easiest method, but probably not very secure. DB can read and write to CSV files so you could use one on the website and download the csv and check against that. I have not done anything beyond high score saving myself though, and don't really need any more than a simple text file for that.

http://s6.bitefight.org/c.php?uid=103081
Back to top
Profile PM Website
HellsDevilDog
13
Years of Service
User Offline
Joined: 18th Mar 2011
Location: Ohio
Posted: 22nd Mar 2011 08:40
Link
I fully understand the method now, Amo Deus Man. Thanks very much!

I will look more into this matter using your method, Assuming you don't mind me doing so.

Now for the fun part, Anyone have any sources I could use to learn to read/write to a file in an FTP (or other) from DB?
Back to top
Profile PM Website
Wyldhunt
14
Years of Service
User Offline
Joined: 27th Sep 2009
Location: The Dark Side
Posted: 22nd Mar 2011 09:41 Edited at: 22nd Mar 2011 10:07
Link
@Amo Deus Man
You are correct. I read your post as a downloaded key file only. Once you add in checks to verify the number in an external database, all is good. The external database is the important part that I was mentioning. Beyond that, it's really a preference thing.

@HellsDevilDog
The technical code side of it would be something along these lines:
Your program sends information to your server on a specific port. Your server listens on that port for any incoming info and executes code based on the packet info.
If you have direct access or, at least, have permissions to install software on the server, then you may be better off programming your own server software. That way, you can customize exactly what it's doing.
Once the server has the packet and knows what to do with it, then it's just a matter of you coding functions to generate/verify keys and IP's and whatever else you want and reply with a True/False back to the client.
You can find some good example code for a client and server on Omens website. Link in his thread here:
http://forum.thegamecreators.com/?m=forum_view&t=165271&b=1
He uses DarkNet to code the client/server, I think. If you don't want to use DarkNet, you should still be able to get the general idea. Most of the basic client/server base functionality is in the first 7-10 'hours' of his tutorial.
You could do it without a custom server, but you'd need some way of listening to a specific port and executing your code server side. I don't know enough to advise on alternatives.
Back to top
Profile PM
Daniel wright 2311
User Banned
Posted: 22nd Mar 2011 10:16
Link
Just let people have it to play if its that important, not every one in the world downloads games, Most people I know In my life go to the store to buy theree games,even for the PC.

My point is if you sell it and people steal it and then release it for free online then you will get two things, sells, and popularity for your game.Then when you make part 2 if ever more people will buy it and know what it is and want it.

Trust me when I say this, people that download games have no money to buy it any how so your not loosing nothing even if they do download it, they never had the money to buy it any how. The more people that play it the better, even the ones who cant afford it.How do you think resident evil came to be so popular? I do remember there first ever game, it to was free for download, if it was not then theree would be no movies for it now.

my signature keeps being erased by a mod So this is my new signature.
Back to top
Profile
Non Sequitur M
15
Years of Service
User Offline
Joined: 28th Oct 2008
Location: Where am I!? Where are YOU?
Posted: 22nd Mar 2011 20:11
Link
@ Daniel: First, Resident Evil's first game was on the PS. I remember the release. It wasn't free. Also, explain how DooM has a movie out and another planned if it has no free games. Not having software protection is like opening up a store, and having absolutely zero security systems installed. Not smart...

@ Wyldhunt: See? I'm bad at explanations! I totally forgot client/server connections, and packet recognition...

If life were like a box of chocolates, I'd know what I would get... The one that got dropped on the floor and put back in the box.

Iye nehvur yoose spehl chehk, ahn mie tippyng izz fiyne.
Back to top
Profile PM Email
Back to top

Login to post a reply

Server time is: 2024-05-19 11:46:55
Your offset time is: 2024-05-19 11:46:55