The process for "Windows Product Activation" for the retail-boxed "Windows XP", "Windows Vista", and "Windows 7" is as follows:
During the installation of Windows, the user inputs in the 25-charactor "product key" that is usually supplied on the "Certificate of Authenticity" that is enclosed with the retail box.
After installation, the user is notified through a dialog box that Windows has to be activated within 30 days.
Activation can be done over the phone with a Microsoft call center agent or via a software utility that is supplied with Windows XP. Both methods of activation are done by the "Windows Product Activation" utility.
This utility scans the hardware of the computer and then uses a Microsoft-proprietary hash algorithm to calculate a "hardware identifier" number that is based on information gathered from the hardware devices of the following ten categories/characteristics that were detected during installation:
1. Display Adapter
2. SCSI Adapter
3. IDE Adapter
4. Network Adapter MAC Address
5. RAM Amount Range (i.e. 0-64mb, 64-128mb, etc)
6. Processor Type
7. Processor Serial Number
8. Hard Drive Device
9. Hard Drive Volume Serial Number
10. CD-ROM/CD-RW/DVD-ROM
The "Windows Product Activation" stores an encrypted representation of the "hardware identifier" in a file called wpa.dbl at C:\windows\system32\
If
more than one of each category of devices was detected, the Windows
Product Activation utility only uses information that was gathered
from the first device that was found during installation.
The detailed hardware information that is used to generate the "hardware
identifier" cannot be reverse-engineered or derived from the
"hardware identifier". Hence, neither Microsoft nor any
third-party entities has access to the detailed hardware information
that was used to generate the "hardware identifier". The
"hardware identifier" also contains hash values for whether
the computer is "dockable" and the version number of the
"hardware identifier" which avoids duplication between
multiple computers that inadvertently generate the same "hardware
identifier".
During the Internet-based version of the activation process, the "Windows
Product Activation Utility" transmits the following items to
Microsoft's activation servers using "Secure Sockets Layer"
over HTTP.:
1) The 9-byte Microsoft "Product ID" (also known as the "Raw Product Key") that was generated by during the Windows installation process.
(It is "Product ID" is derived via a Microsoft-proprietary algorithm that is applied to the 25-character
"product key" that is on the "Certificate of Authenticity".)
2) The "hardware identifier" number,
3) Customer data that was voluntarily provided by the end-user in the "Registration" screens of "Windows".
Next,
the activation server then sends "certificate ID", issue
date, and error code that is used by the "Windows Product
Activation" utility.
Finally, the activation server sends a 9-kilobyte digital certificate that is
used by the "Windows Product Activation" utility to
activate "Windows".
If the
user elects to activate via a telephone call, the Windows Product
Activation utility uses two items:
1) The 9-byte Microsoft "Product ID" that was generated by during Windows installation process.
(It is based on the 25-character "product key" that is on the "Certificate of Authenticity".)
and
2) The "hardware identifier" number,
Using these two numbers, the Windows Product Activation utility creates a 50 or 54 digit "Telephone Installation ID" that must be verbally spoken to the Microsoft agent. The agent uses it to create a 42-character "Confirmation ID" that the computer user must enter into the dialog box of the phone activation dialog box. This "Confirmation ID" consists of an "activation key" and "check digits". After this "Confirmation ID" is entered, the user's copy of Windows is activated and the 30-day limit is lifted.
The "Windows Product Activation" utility is active during the bootup of Windows. It calculates a "hardware identifier" and compares it the one that is stored in the wpa.dbl file
If more than 3 of the 10 hardware product parameters have changed, then the Windows becomes inactivated and the "Windows needs to be activated" dialog box is displayed to the end user.
If a hardware change(s) is made that invalidates the activation, the end user will have a 3-day grace period to re-activate "Windows" by either over the Internet or by phoning a Microsoft call center agent.