I need to protect software using a USB key. Can I just query a USB drive with WMI and obtain the PnPDeviceId from Win32_DiskDrive Class, and compare it with one already hashed and hard coded in the application? How secure is this? Can the PNPDeviceID property be modified? Is hardware coded? Any other idea?
Logically the USB drives are going to be carefully selected.
Thanks
It can probably be faked with a device driver layer, I don't know if it can be changed in the device - I have never seen anything to do it.
I was thinking of this as a cheap alternative to a dongle and a way to distribute the software.
One thing to be careful of - the very cheap USB keys don't implement this they just send a random (?) key when plugged in, so they get a new id when inserted in different ports.