Need some opinions.

I'm trying to come up with a licenseing solution for an asp.net webapplication.

Its totaly dependent on a database.. so my Idea is...

to encrypt the connection string in the registry and have my "product key" actually be an encrypted version of the connection string.
so they'll send the server name and database name to my webservice.

my web service will use those two parameters to generate an encrypted connection string. and (only part i hate) my code will have the decryption key hard coded.. so that it can decrypt the "product key"/connection string.

(Is there anyway to get away from haveing something hard coded in the code?)

this way once they have a product key they can replicate my software as many times as they want but it'll always point to the same server & database, which is ok with me.

if they want to point it to a different server and database they'll need me to generate a new encrypted connection string based on the new name/server.

thanks,
Paul