Generating a Hardware-ID on Windows

Question

What is the best way to generate a unique hardware ID on Microsoft Windows with C++ that is not easily spoofable (with for example changing the MAC Address)?

Define "easily spoofable" - i.e. could your grandmother do it, only the hacker elite, or nobody at all? — GalacticCowboy, May 26 '09 at 14:23

score 17 · Accepted Answer · answered May 26 '09 at 13:24

17

Windows stores a unique Guid per machine in the registry at:

HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\MachineGuid

answered May 26 '09 at 13:24

AgileJon

53,070
5
41
38

You could use this with the name of your program as the key to an HMAC hash function in CAPI. – Jeff Moser May 26 '09 at 13:28
2

Is that standard on ALL Versions of Windows? What about Mobile Windows? – JoshBerke May 26 '09 at 13:35
The question would be "how easy is that to spoof...?" – jesup May 26 '09 at 14:04
4

Hint for all 64-bit users: Pass KEY_WOW64_64KEY as samDesired to RegOpenKeyEx(), since Windows only creates a 64-bit key which is mapped into an own key. – Patrick Glandien May 26 '09 at 16:03
2

I am not sure that this MachineGuid is *really* hardware driven. For example, if I reformat the hard disk and install a new copy of windows, will this id remain same? – Hemant Jun 22 '09 at 05:35
I'm really not sure what the MachineGuid is based on. If it's truly a Guid then it may just be generated at install time (ie: it may stay the same)... rather than something like a hash of your hardware S/Ns. – AgileJon Jun 22 '09 at 11:01
4

Likewise I would be curious to know what happens if you clone the VM. Will the new VM have the same machine GUID? – Hakanai Oct 26 '11 at 01:04
1

the only issue with this approach is machineguid can be changed manually so your customer should not know about it. – duckduckgo Jun 27 '13 at 03:57

score 1 · Answer 2 · answered Aug 11 '12 at 20:27

This used to be the CPU serial number but today there are many types of motherboards and this factor is not accurate. MAC address can be easily forged. That leaves us with the internal hard drive serial number. See also: http://www.codeproject.com/Articles/319181/Haephrati-Searching-for-a-reliable-Hardware-ID

score 1 · Answer 3 · answered May 08 '13 at 17:05

There are a variety of "tricks", but the only real "physical answer" is "no, there is no solution".

A "machine" is nothing more than a passive bus with some hardware around. Although each piece of iron can provide a somehow usable identifier, every piece of iron can be replaced by a user for whatever bad or good reason you can never be fully aware of (so if you base your functionality on this, you create problems to your user, and hence -as a consequence- to yourself every time an hardware have to be replaced / reinitialized / reconfigured etc. etc.).

Now, if your problem is identify a machine in a context where many machines have to inter-operate together, this is a role well played by MAC or IP addresses or Hostnames. But be prepared to the idea that they are not necessarily constant on long time-period (so avoid to hard-code them - instead "discover then" upon any of your start-up)

If your problem is -instead- identify a software instance or a licence, you have probably better to concentrate on another kind of solution: you sell licences to "users" (it is the user that has the money, not his computer!), not to their "machines" (that users must be free to change whenever they need/like without your permission, since you din't licence the hardware or the OS...), hence your problem is not to identify a machine, but a USER (consider that a same machine can be a host for many user and that a same user can work on a variety of machines ..., you cannot assume/impose a 1:1 relation, without running into some kind of problems sooner or later, when this idiom ifs found to no more fit).

The idea should be to register the users in a somewhat reachable site, give them keys you generate, and check that a same user/key pair is not con-temporarily used more than an agreed number of times under a given time period. When violations exceed, or keys becomes old, just block and wait for the user to renew.

As you can see, the answer mostly depends on the reason behind your question, more than from the question itself.

Gabriel · Answer 4 · 2011-01-07T13:43:30.610

0

Here is a program (also available as DLL) that can read and show your computer/hardware ID: http://www.soft.tahionic.com/download-hdd_id/index.html

edited Jan 07 '11 at 13:43

answered Jan 07 '11 at 13:38

Gabriel

20,797
27
159
293

score 0 · Answer 5 · answered May 26 '09 at 14:26

There are various IDs assigned to hardware that can be read and combined to form a machine key. For example, you could get the ID of the hard drive where the software is stored, the proc ID, etc. Some of these can be set more easily than others, but part of the strength is in combining multiple pieces together that are not necessarily strong enough by themselves.

score -1 · Answer 6 · edited Mar 01 '12 at 16:20

-1

Use Win32 System HDS APIs. Don't read the registry, it has no sense at all.

edited Mar 01 '12 at 16:20

bluish

26,356
27
122
180

answered May 27 '09 at 15:20

Like to share a link? HDS does not turn up anything. – Christopher Oezbek Jan 25 '15 at 07:58

Generating a Hardware-ID on Windows

6 Answers6

Linked