Early versions of Windows just needed a valid product key to work. From Windows XP and for every Windows version that followed, we also need to activate the operating system to use it. Let's see how Windows activation works, and how and why we can lose the Windows activation status.
- 1 Windows Activation: a "Solution" to Windows piracy
- 2 How a Windows product key is tied to a particular PC
- 3 What happens to the Windows activation when we change hardware?
- 4 The exceptions to Windows Activation
- 5 Did Windows Activation deter piracy?
- 6 To be continued... how to activate Windows after a "substantial" upgrade
Windows Activation: a "Solution" to Windows piracy
Does this product key remind you of anything?
This is probably the best-known Windows 98 product key. Many PC technicians and power users from late 90's have probably memorized it - I know I have. Anyone could install Windows 98, enter the above product key during the installation, and have a full version of Windows, as if they have bought a license.
Back then, Windows didn't have any system whatsoever to make sure a product key wasn't used more than once. They couldn't even prevent product key generators, which could spew out practically endless valid product keys.
This, of course, is software piracy, and Microsoft didn't particularly like it - although one could argue that the freedom to install Windows for free did help Microsoft conquer more than 90% of the PC market.
In any case, after the miserable failure that was Windows ME - and probably nobody wanted to pirate that piece of crap - Microsoft decided to do something about Windows piracy. The solution, which they first implemented it in Windows XP, was Windows activation.
Now, beyond a valid product key, every Windows installation needed to communicate with Microsoft to become activated, either automatically through the internet or manually, with a telephone Windows activation.
This Windows activation ties any given Windows product key with a particular PC. If the same product key were reused on a different PC, the Windows activation would fail.
How a Windows product key is tied to a particular PC
There are three steps to Windows activation.
First, during the Windows installation, the operating system creates a unique product ID from the product key. We can see our Windows product ID by pressing Win + Pause/Break.
The second step for the Windows activation is the Hardware Identification (HWID). HWID is a unique number that is tied to our PC's hardware, and it is also calculated during the Windows installation.
Every component of our PC, from the CPU to the GPU to the Network Adapter, has a unique serial number. Windows runs a mathematical formula on each serial number and creates a hash, in a way that it is impossible to find the original serial number from the hash (a one-way hash).
Between four and ten bits are used from each component's hash, depending on the part.
|Component Name||Example Hash Value (#o of bits)|
|Display Adapter||00010 (5)|
|SCSI Adapter / SAS adapter||00011 (5)|
|IDE Adapter / SATA Adapter||0011 (4)|
|Network Adapter MAC Address||1001011000 (10)|
|RAM Amount Range (i.e. 0-64mb, 64-128mb, etc)||101 (3)|
|Processor Type||011 (3)|
|Processor Serial Number||000000 (6)|
|Hard Drive Device||1101100 (7)|
|Hard Drive Volume Serial Number||1001000001 (10)|
|CD—ROM / CD-RW / DVD-ROM / DVD-RW||010111 (6)|
|Hardware Hash version (version of algorithm used)||001 (3)|
Only internal PC components count, not peripherals, such as the monitor, keyboard/mouse, USB devices, etc.
From all the above Hash values, through an algorithm, an 8bit HWID is created.
On Windows activation through the Internet, a "handshake request" is sent to Microsoft. This request contains the product ID, the HWID, the activation technology version, and the request header data, with a request ID that ties all the information together.
Through the Windows activation, the product ID (which represents the unique product key) is tied to the particular hardware ID on Microsoft's servers. This prevents the product key to be reused for Windows activation on a different PC.
The one-way hashing for the HWID guarantees our anonymity. It is impossible to identify our hardware components' serial numbers from the information that is sent to Microsoft.
If the Windows activation is successful, the confirmation is sent back to our PC as a digital certificate, signed by Microsoft.
The telephone Windows Activation - to activate Windows without an internet connection - works similarly.
The product ID and the HWID are combined to an "Installation ID", which is translated into a 63 digit decimal number.
We need to provide this number through our phone keypad, and the automated telephone system will give us a confirmation ID to manually add for the Windows activation.
What happens to the Windows activation when we change hardware?
The check for the Product ID and Hardware ID doesn't happen only during the installation.
At each login, Windows recalculates the HWID. It then compares the current HWID with the HWID on Microsoft's servers, to see that it is running on the same or similar hardware where it was activated.
If the HWIDs are "substantially different", we lose the Windows Activation, and Windows needs to be re-activated.
Changing a single hardware component, even something as inconsequential as the DVD-RW, will by definition change the HWID. So, does that mean that by such a simple change, we will lose our Windows activation status?
Of course not.
Microsoft has predicted the upgrade scenario. That is why the HWIDs need to be "substantially different" for us to lose the Windows activation.
But, what does "substantially different" mean?
First of all, the network adapter has a superior weighting as a hardware component. If we have the same network card, we need to change six or more hardware components before reactivation is required.
This means that with the same network adapter, we can change CPU, add or remove RAM, change GPU, change DVD-RW, and clone Windows on a new hard drive, and our PC won't require reactivation.
If however we change network adapter, or we didn't have a network adapter to begin with, we can only change up to three devices (including the network adapter). If we change a fourth device, we need to reactivate.
If should be noted that if we change one particular component multiple times, e.g. change six GPUs, it only counts as one change regarding the Windows activation.
Also, adding additional components (a second hard drive, a second GPU for SLI or Crossfire, etc.) won't affect the Windows activation at all, provided that the original parts remain on the system.
The bad news is that most PCs use the motherboard integrated network adapter. The motherboard also integrates a SATA controller. Most modern motherboards integrate a GPU, regardless if we are using it or not.
That means that just by changing the motherboard and the CPU, we have probably surpassed the allowed three changes (network adapter, SATA controller, integrated GPU, CPU), and would need a reactivation.
The exceptions to Windows Activation
Not every single version of Windows activates the same way. Enterprise versions of Windows XP acquired through a volume license agreement and with a volume license product key had no activation, hardware checking, or limitation on installation.
For a long time, Windows XP pirates were using a leaked volume license key that didn't require a Windows activation, before Microsoft blacklisted it with the "Windows Genuine Advantage" initiative.
Also, some PCs with pre-activated Windows would have an OEM-specified BIOS, for a protection named "System Locked Pre-installation" or SLP. Windows wouldn't check the HWID on this systems; it would just compare the PC's BIOS to the SLP information.
For more information regarding the Windows activation, you can read the Technical Details on Microsoft Product Activation for Windows XP.
It's a bit dated, since it was last updated in August 2001, and it won't cover Windows Vista or later versions, but the basis of the Windows Activation hasn't changed much over the years.
Did Windows Activation deter piracy?
Pirates, if anything, are an insistent bunch.
For every version of Windows that required activation, there have been multiple methods to activate Windows illegally. From the aforementioned volume license keys to Emulated KMS (Key Management System) servers that would "activate" invalid product keys.
At the end of the day, if somebody wants to pirate Windows, the Windows activation isn't much of an obstacle.
To be continued... how to activate Windows after a "substantial" upgrade
Depending on the version of our Windows license (Retail, OEM or DSP), reactivation over the internet might be impossible after a "substantial" hardware change.
There is, however, a way to bypass this restriction, which we will cover in detail in a future guide.