Authorization Code Scheme

F3EL7-T3YL2-MBN5P-ZQI6R-YE8PI

Ever type that into a pop up box on your computer when installing software?  If not, you’ve never installed anything from Microsoft (or many other companies) – at least not legally. 

This morning I was copied on an email from my partner Ryan McIntyre to a company we are talking to about funding that said:

“I use Pro Tools and other pro audio software regularly and since the SW is quite expensive, the SW vendors go to great lengths to use copy-protection, and most audio plugins and applications (and there are dozens) have some sort of authorization code scheme, ranging from friendly to downright byzantine.  It drives me nuts, but my constant exposure to it means I’ve formed some opinions about what is “easy” when it comes to entering authorization codes.  The easiest plug-ins (authorization-wise) in the audio world use alphabetical codes broken up into strings of words, so instead of the longs strings of numbers, you get long strings of words, which are much easier for a human to enter without a mistake.  A couple code examples might be:

HOUSE-BIRD-TRUCK-DRUM
FLINT-TRUE-SWORD-CALL

You get the idea.  I’m assuming third-part auth-gen packages must exist to generate codes like these that give you a big enough address space yet also make guessing authorizations relatively difficult.  And that you could relatively easily change your process at the manufacturer for associating MAC addresses with device IDs.”

I prefer auth-codes that are haikus.  I wonder if there’s a patent on this?

Related posts:

This website uses IntenseDebate comments, but they are not currently loaded because either your browser doesn't support JavaScript, or they didn't load fast enough.

14 Comments on “Authorization Code Scheme”

  • gturpin March 31st, 2009 2:06 pm

    The idea of auth-code haiku seems appropriate, given that I have to be in a Zen-like state to successfully enter the typical alphanumeric auth-codes.

  • Rick Levine March 31st, 2009 3:03 pm

    $ cat /usr/share/dict/words | egrep '^[a-z]{3,8}$' | wc -l

    76025

    Five words gives us a namespace of 10E24. We can burn 10E15 for Haiku generation and still have plenty of rope.

    Implementation hints:

    http://www.oblomovka.com/code/haiku/haiku
    http://www.spatch.net/emily/haiku.shtml

    prudent-word-choice-calms-typist

  • Brad Feld March 31st, 2009 3:08 pm

    I-LOVE-SETH-ELLIS-CHOCOLATES.  Rick – you are hilarious, nerdy, and a haiku artist.

  • Rick Levine March 31st, 2009 3:18 pm

    Best prototype gets a large box of our chocolates. Brad's the judge.

  • Todd March 31st, 2009 4:24 pm

    Most pro audio software dumped challenge/response years ago and went to the iLok dongle (http://www.ilok.com). I know Pro Tools and all the Digidesign software uses iLok, as well as Waves. When I worked in this industry, the only non-iLok vendors were the small shops who couldn't afford to license iLok.

    It's ironic that the industry which complains the most about intellectual property has one of the worst track records in respecting other peoples IP.

  • Ted Howard March 31st, 2009 5:43 pm

    Have you ever entered a pre-paid code on an Xbox 360 using the standard controller and on-screen keyboard? I have. Many times (because it was free for MSFT FTE's in games). Every time I do it, I wish that the codes were designed to be more easily entered through that unique HCI.
    One of my better thoughts was that if everyone was always guaranteed to have a webcam, just make a visual code. Even without that, put a little OCR into it and have the webcam translate from print to digital text.

  • Ryan March 31st, 2009 5:49 pm

    Todd, right you are about the iLok, the USB dongle that stores your authorizations for ProTools and other audio software. Now that pretty much all plugin vendors (it took a while for AutoTune and Waves to get with the program) support iLok, it is very handy since you can take your authorizations to another machine in another recording studio and be able to use your plugins there too.

    But, several of the plugins that support iLok still use a code-based authorization scheme to generate your iLok authorization and place it in your account at iLok.com before you can load the iLok auth onto your iLok USB key.

  • Brad Feld March 31st, 2009 7:29 pm

    Yes – I agree that it’s a total nightmare.  Last night on 24 the President used a webcam to sign an executive order digitally.  I can’t wait.

  • Josh Fraser March 31st, 2009 7:47 pm

    you beat me to it. i was about to post the same thing.

  • sethlevine March 31st, 2009 8:14 pm

    confusing keys blow
    like the wind through blooming trees
    go away key now

  • Pete Warden April 2nd, 2009 12:44 am

    I love Haddock for its memorable password generation:
    http://stephencelis.com/2009/03/29/whats-the-pass...
    After haiku, lets shoot for iambic pentameter.

  • Swin Deorin September 12th, 2009 11:39 pm

    i have reaktor 5 and i cant get a authorization code for it
    if you have any help it would be appreaciated

  • Car insurance claims >> http://onlinecarinsuranceclaims.com/ November 23rd, 2009 1:37 pm

    [... - http://www.feld.com is other nice authority of tips. Online Car insurance claims [… -

  • mod converter March 16th, 2010 2:27 am

    This article is very interesting. Thank you very much for sharing .

Leave a Reply

Brad Feld

Hi, I'm Brad Feld, a managing director at Foundry Group who lives in Boulder, Colorado. I invest in software and Internet companies around the US, run marathons and read a lot.