| 3 minutes

If you’ve ever looked into product key algorithms, you’ve most likely heard of the algorithm Microsoft used in many products in the 90’s, most notably Windows 95. If you haven’t, it’s rather simple: the digit sum of a certain segment of the key must be divisible by seven.

But contrary to what some old writeups say, that’s not all there is to it. Let’s look at each key type that uses this algorithm, and see what other aspects make a key valid.

# CD Keys

The CD key is the simplest type of key, which as the name implies came with retail CDs. It consists of two segments:

*XXX* - The first segment is the site number. It can be nearly anything from **000 to 998** (note that Windows 95 does not care about it being a number). The following site numbers are not allowed:

- 333
- 444
- 555
- 666
- 777
- 888
- 999

*XXXXXXX* - The second segment is where the algorithm comes into play. As mentioned earlier, the digit sum must be **divisible by seven**. Additionally the last digit **cannot be 0 or ≥ 8** (note that this does not apply to Windows 95).

Based on these rules, the most basic universally valid key is *000-0000007*. *111-1111111* is also commonly used.

Windows 95 is lax when it comes to the separator, and does not care what it is.

# 11-digit CD Keys

The 11-digit CD key is used by Office 97. Like regular CD keys, it consists of two segments:

*XXXX* - The first segment can be nearly anything from **0001 to 9991**. There are no banned numbers, but the last digit much be **3rd digit + 1 or 2**. When the result is > 9, it overflows to 0 or 1.

*XXXXXXX* - The second segment of the key is identical to regular CD keys.

Based on these rules, the most basic valid key is *0001-0000007*. *1112-1111111* also works, as expected.

# OEM Keys

OEM keys are the most complex type of keys that use the mod7 algorithm, and typically came bundled with new computers. OEM keys consist of 4 segments:

*XXXXX* - The first segment represents the date the key was printed on. The first three digits can be anything from **001 to 366** (intended for leap years but that isn’t actually checked), and the last two are the year, anything from **95 to 03** (02 for Windows 95) is considered valid. For example, a key with *19296* as the first segment was printed on the 10th of July 1996.

*OEM* - The second segment is self-explanatory. The first Windows 95 release is the only piece of software I’m aware of that actually requires typing it in.

*XXXXXXX* - The third segment is where the algorithm comes into play again. The usual rule applies, except that **the first digit must be 0**.

*XXXXX* - The fourth segment is truly random, and can be anything numeric so long as it’s the correct length.

Based on these rules, the most basic valid key is *00100-OEM-0000007-00000*. Highly mature people may want to forgo simplicity and go for *06900-OEM-0694207-80085* instead.

# Conclusion

It isn’t as simple as one might expect to work with these keys, but at the same time all aspects of them could easily be guessed if you had valid keys to refer to.

I don’t think Microsoft intended this algorithm to be very robust, rather they just wanted a fast algorithm that kept the most basic software pirates at bay.

**Sources used:** The leaked Windows NT 4 source code, experimentation for 11-digit keys.

**Errata:** Exceptions for Windows 95 where not mentioned before (2021/02/09), the most basic valid key -> most basic universally valid key in CD keys section (2022/07/23)