Software licensing system recommendations

[David P 2]

Hello

 

Can anyone recommend a commercial software licensing package.  To handle the usual time limited/permanent/licence count, etc for both 32 and 64 bit windows applcations.  Prefer a one off rather than a monthly fee.

 

Many thanks.

[Stano 140]

obsidium

[Patrick PREMARTIN 50]

Microsoft Store and the TWindowsStore component ? 

[David Heffernan 2303]

Pretty hard to make such recommendations. Really depends a lot on how your users want to use your software. Are they going to want to have floating licenses? Metred usage? Cloud hosting of license manager? 

 

We have a lot of customers that don't have a shared network and collaborate entirely in the cloud with 365 or similar. Solutions to allow such users to share licenses aren't trivial. 

 

Of course, you may know that you will never have customers with such needs, or at least not in the short term. 

[TheOnlyOne 10]

You need like a general tool (DLL to integrate in your app) or you need specifically Delphi source code (vcl component)?

 

Edited February 25, 2023 by TheOnlyOne

[RaelB 4]

https://oreans.com/WinLicense.php

[Steku 0]

Software as a service with monthly rates is probably a sign of the times at the moment.
I don't know if it's different in this area.

Not tested, stumbled across it years ago, maybe interesting...

 

https://wyday.com/limelm/signup/

Edited February 26, 2023 by Steku

[Tom F 80]

Like others, we use https://oreans.com/WinLicense.php.  We've been using it since 2012 and have gotten great support when we needed it.  It's a stable, well-respected product that never triggers virustotal or other malware detectors.

As part of their product, they include a CRM database.  We preferred to create our own, and use their DLL locally to generate software keys.

It's less than US $500.  We consider our having selected it as having been a good technical and business decision.

[John R. 17]

We've been using WyDay LimeLM for years now with mixed feelings. On the plus side:

• Provides Delphi samples and easy to integrate
• Supports both named and floating licensing models
• Supports online/offline licensing
• Keys have custom extra data attached to implement advanced scenarios such as version/date checks...
• Easy and reliable REST API for key management...
• Support is fast and skilled but you have to push them hard to prove that you or the end-user is not at fault, which is taking a lot of time and efforts
• There is a public forum which can be browsed to evaluate their support and get useful info: https://wyday.com/forum/

But:

• I haven't seen such a stubborn company/developers elsewhere: when something is not working correctly, they ALWAYS say that end-user messed up their computer and must re-install everything, or that we, as developers, caused the bug. Never will they admit that its their fault!
• They've promised features for YEARS as "coming soon" without update or delivering: https://wyday.com/forum/t/4823/licensechest-is-coming-soon/
• In the past, they've implemented server side breaking changes, such as limiting the number of IPs which can connect to their API, without previous notice, apologies, and despite multiple critics on their forum, they merely relaxed their policy saying they are right, customers are wrong 😲
• You are captive to a monthly subscription. They have increased the price in the past and it is very hard to do anything about it: if you change your licensing system and stop using them, how would you handle customers using older versions of your software with perpetual licenses ?

All in all, it's a decent solution to get started fast and strong. But given the price, I expect better. We have now past the hard times with them so I'm not sure if we will ever change, but I can't say that I'm not frequently looking for alternatives, including home made solutions.

 

Hope this helps.

[Tom F 80]

6 hours ago, John R. said:

We've been using WyDay LimeLM for years now with mixed feelings. On the plus side:

But:

• I haven't seen such a stubborn company/developers elsewhere: when something is not working correctly, they ALWAYS say that end-user messed up their computer and must re-install everything, or that we, as developers, caused the bug. Never will they admit that it's their fault!

Wow. Reading their support blog, their bad attitude comes through clearly.  They're likely a bunch of arrogant programmers with no business sense, all the while being sure they're god's gift to earth!  

[David P 2]

Thanks all, much appreciated.  WinLicense seems to be the most appealing so far.

[John R. 17]

3 hours ago, David P said:

Thanks all, much appreciated.  WinLicense seems to be the most appealing so far.

We have never tested this solution as we've discarded them for multiple reasons:

• Their website does not contain any legal information. We couldn't find out where this company is located which is highly problematic
• Their website content seems to be too good to be true, and despite some color changes, I believe that it has exactly the same content for years
• There is no public forum, or public feedback that we could find about their solution
• It is not that big of a deal but for a security related company, having website pages with a .php extension is not a great way to show technical skills

Don't get me wrong, they might be very good but for the missing legal information alone, I won't even try their products.

[Tom F 80]

Wow!  I'm sorry you'll miss out on what we've found to be an extremely reliable company and a wonderful tool for us.  

I hesitate to say more, because I don't want to sound combative or like a shill for the company. Because I'm neither of those.  I can only report our experience, which has been excellent. And of course, YMMV.

I understand your caution, David. Each company has its own decision-making process, level of due diligence, and degree of risk aversion. We, of course, went through a similar decision-making process before we selected Oreans.

 

Perhaps your bullet points are insurmountable obstacles for you.  I'm not going to spend a lot of time here carefully wordsmithing a reply, but, quickly, here's what I thought to myself when I read your bullets:

• "No legal information." I understand your hesitation on this. Maybe you could reach out to the owner, Rafael, to discuss your concerns.
• Static and "too good to be true website" Yes, their website hasn't changed in years.  Like many developers, he's not a strong marketer. I have never encountered any inaccuracies on the site.
• "No forum" I've always gotten excellent support via email.  Sure, a forum is always nice to have. And I am a big forum user when they're available.  But, TBH, the absence of a forum hasn't been an issue for us.  This isn't an enormous product where communicating with other users would provide a lot of value to me.
• "Site is .php"  Like you said, this isn't a big deal. See bullet 2.

Anyway, I wish you all the best in your product development.

Tom

[Patrick PREMARTIN 50]

1 hour ago, John R. said:

• It is not that big of a deal but for a security related company, having website pages with a .php extension is not a great way to show technical skills

what file extension do you expect for a security company website ?

 

[John R. 17]

53 minutes ago, Tom F said:

Wow!  I'm sorry you'll miss out on what we've found to be an extremely reliable company and a wonderful tool for us. 

As I said, it probably is but I can't see how a serious company could trust them if they don't even provide mandatory legal mentions on their website.

[John R. 17]

3 minutes ago, Patrick PREMARTIN said:

what file extension do you expect for a security company website ?

See PHP's security section here: https://www.php.net/manual/en/security.hiding.php

[Patrick PREMARTIN 50]

Putting ASP extension as a security thing to hide PHP, seriously ??? 

 

Using URL rewriting to have a better SEO is the way. 

 

hackers don't care of URL extensions : they have bugs list and try them everywhere.

[Fr0sT.Brutal 897]

On 3/2/2023 at 7:25 PM, Patrick PREMARTIN said:

what file extension do you expect for a security company website ?

 

.superdupersecure 🙂

[deonvn 0]

Does anyone have any experience (good or bad) with Cryptlex | Software Licensing?

 

Thanks

[Kas Ob. 91]

On 3/2/2023 at 4:27 PM, John R. said:

Their website does not contain any legal information. We couldn't find out where this company is located which is highly problematic

Well, i can share their contact, and if that is a problem for Rafael, then let it be,

Also you can simply ask them and/or contact their Selling Service (like Digital River in my invoice )and confirm any public info or clear your doubts, it is not like you are violating anyone privacy, just doing your diligence.

 

On 3/2/2023 at 5:35 PM, Tom F said:

"No forum" I've always gotten excellent support via email.  Sure, a forum is always nice to have. And I am a big forum user when they're available.  But, TBH, the absence of a forum hasn't been an issue for us.  This isn't an enormous product where communicating with other users would provide a lot of value to me.

There was a forum years back and they closed it as it was wasting their time and confusing the clients more than resolving problem, look at EurekaLog they did closed their forum, is their support is trust worthy now ?  the answer is nope !

On 3/2/2023 at 4:27 PM, John R. said:

• Their website content seems to be too good to be true, and despite some color changes, I believe that it has exactly the same content for years
• It is not that big of a deal but for a security related company, having website pages with a .php extension is not a great way to show technical skills

You are judging a book by its cover, and if that have any impact in real world, then Amazon site is the worst designed interface with ugliest/stupidest UI search algorithm you will ever see, this doesn't mean they are not the leaders in their business sector.

 

Now to one of many things that is not mentioned in the site but i am familiar with it, code virtualization and their VMs, 

One day, in fact one of the old days when i decided to test Winlicense VM engine on my own, i used OllyDbg with custom script, i adjusted and tested that script to work as fast as it can and even dropped valuable information from its logging to speed it, i am doing controlled test and i am looking for already know code, all these i am familiar with, and built a simple application with one VM, inside it a specific code that i will recognize, and wanted to know how hard/easy to analyze WL VM, the chosen VM was one of the smallest and the fastest, the debugger script was to perform step into and log the instructions and the modified register, so i can find my own code, of course disabled most the other protection in WL like allowd debugging ..etc and ran the script right before entering the VM, and the process reached and break point out side the protected code which was three Delphi lines, the process took around 45 minutes, and generated a log with around 300mb in size, also took me hours to pin point the exact place where my 3 lines executes, great and was happy with my finding, now i changed to a heavier VM one of the upper middle in complexity and size but not the most complex or the biggest, and ran the script, the is that i remembered that i have a life to live, and stopped at after 3-4 hours with 3.5 Gb of log file, and there was no evidence that my 3 lines were executed yet.

The result was very happy with WL, i know its limit or at least i have an idea, specially my protected projects have something around 3-6 different VMs and code flow must pass at least 10 VM macros before giving the user (or hacker/cracker) any useful place to pin anything useful.

in general i use 50 VM macros for these few VM, and if some hacker/cracker want to spend weeks/months to crack it, then let it be, most likely my application will be updated and rendered his work as obsolete, also the way i do it, he might be successful but this will work for one PC, his own PC and that is worst scenario for me.

 

These VM run at full speed and they have an impact on the application performance even the heaviest my take up to a second, but with care you can minimize that impact and at least hide that effect from the application user.

 

Hope that helps.

 

Edit the invoice now doesn't have full address.

Edited December 6, 2023 by Kas Ob.