A Microsoft page discussing Product Activation includes the following
statement: “Product Activation works by verifying that a software program’s
product key has not been used on more personal computers than intended by the
How does activation of, say, WinXP differentiate between multiple
installations on one PC (legitimate), compared to single installations on many
PC’s (pirating)? If I periodically reinstall WinXP on my PC from my legitimate
install CD, will the activation process at some point think I’m pirating the
software because of multiple re-installations?.
Actually Windows Product Activation is a tad more complex than that text
from Microsoft would lead you to believe. There was a lot of concern
when WPA was first announced that people wouldn’t be able to activate, or
re-activate, legitimate copies of Windows. So far that actually hasn’t seemed
to be the case.
Now, there are cases where WPA might wonder what you’re up to … but even
then the process that follows is supposed to handle that case cleanly.
Become a Patron of Ask Leo! and go ad-free!
The missing piece of the Microsoft text is that WPA tries to identify your
machine. In Microsoft’s own Product
Activation FAQ they include this cryptic comment:
Product key information, in the form of the product ID, is sent along with a
“hardware hash” (a non-unique number generated from the PC’s hardware
configuration) to Microsoft’s activation system during activation.
The key there is that “hardware hash”, which is based on 10 hardware
characteristics of your machine:
Network Adapter MAC Address
RAM Amount Range (i.e. 0-64mb, 64-128mb, etc)
Processor Serial Number
Hard Drive Device
Hard Drive Volume Serial Number
The bottom line is that WPA tries to form a of picture of your machine,
something that will be unique to it, and it alone.
I believe that the hardware hash is one-way. Meaning that only a specific
configuration of hardware can be used to generate the hash, but the hash that’s
generated cannot be used to identify the machine or its configuration. (In fact
this one-way nature is a characteristic of the very concept of “hashes” in
introduced, my feeling is that it’s now essentially a non-issue for legitimate
Now, when you activate your copy of Windows, the product ID and your
hardware hash are sent to Microsoft. If your product ID has not yet been
activated, the information is simply recorded. However, if your product ID
has already been activated, then if the hardware hash is the
same – meaning you’re activating it on the same computer as before – then the
activation is simply allowed. You can do this as many times as you like.
Quoting the FAQ: “Activations on the same PC using the same product key are
And you can probably guess that if your product ID has already been
activated, but you’re activating it on a completely different machine,
the activation may not take. The scenario that Microsoft is concerned about is
what they call “casual copying”. You install Windows XP and activate it, then
hand your CD and product key to your friend to install on a second machine.
That’s piracy, and is exactly what WPA is designed to prevent.
Now the issue that many people have raised is “what if I upgrade my
Referring again to the FAQ, “Product Activation is able to tolerate a
certain degree of change in a hardware configuration …”. It’s difficult to
quantify in readable terms exactly how much can be changed. But common
changes such as simple upgrades will not cause an issue. The FAQ actually goes
into a little more detail on this.
More wholesale changes, on the other hand, get interesting.
If WPA notices that “a lot” has changed (whatever “a lot” might mean), you
may be prompted to activate by calling Microsoft. This might be the result of
several changes to the previously activated machine, or by
moving your installation to a completely new machine. I
believe both are legitimate, but either may trigger that need to activate by
While WPA was quite the topic when it was first introduced, my feeling is
that it’s now essentially a non-issue for legitimate users. It’s been in use
now for years and even though many expected it we haven’t heard of
widespread issues due to WPA. In fact the only people who appear to be affected
are those intended to be: software pirates. And while as Microsoft says it’s
not a “silver bullet” is has made piracy somewhat more difficult while not
impacting legitimate users terribly.
Important: Comments to this article which request
activation codes or CDs will be deleted.