Common questions.

SimpleStrap is paid access only — purchase a key to get started. Each key is single-use and tied to one account.

No. The key is used only once during account creation to verify your purchase. After signup you choose your own username and password — the key is consumed and no longer needed.

Yes. Every launch verifies your session against the server. If the server is unreachable or your session is expired, the app will not start. This is by design — offline access is intentionally blocked.

No. Your password is hashed locally with PBKDF2-SHA256 (100,000 iterations, 16-byte random salt) before any network request is made. Only the hash is stored — the server never sees your raw password.

The admin can force-expire all active sessions at once — usually done after a security update or when resetting access. Just log in again with your username and password to get a fresh session.

SimpleStrap is distributed without a code-signing certificate, which triggers SmartScreen on all Windows versions. Click More info then Run anyway to proceed. The exe is safe — you can verify the hash from the GitHub release page.

SimpleStrap logs anonymized telemetry on each launch: OS version, app version, and approximate location. Your username and machine name are one-way hashed with MD5 before being sent — no raw identifiers leave your machine.

Yes. SimpleStrap is a true self-contained single-file executable — it bundles the entire .NET 6 runtime, all WPF native DLLs, and the app itself. You don't need to install .NET separately; everything needed is inside the file.

Open an issue on the GitHub repository and include your OS version, SimpleStrap version (shown in the About page), and a description of what happened.