B&N Changes Nook DRM Key, Further Proving That They Don’t Want Your Business

5905784087_ebb825d0bf[1]Hot on the heels of the news that B&N has cozied up to the vanity press Author Solutions comes a new report that the retailer has changed how it is implementing its DRM. A reader has informed me, and other sources confirm, that Barnes & Noble has changed how it generates  its encryption keys.

Ever since B&N launched Nook in 2009, the retailer has based the Nook DRM encryption keys on a customer's credit card number and name. That technical spec had been inherited from eReader.com (which B&N got when it bought Fictionwise in early 2009) and enabled users to load their ebooks on to any app or ereader which supported a certain type of Adobe DE DRM (Mantano, for example).

But now B&N is using a new method for generating its encryption keys. I can't yet tell you what the new method is (it looks to be random), but I can report that the actual DRM has not changed, just the method for generating the encryption key.

If you have a Nook app, you can still download and read your ebooks (for now). But if you want to protect your ebooks from B&N's future bungling by removing the DRM, that's going to require a little additional work.

To start, you'll need to download, install, and activate NookStudy (get it here). You have to use it to download Nook ebooks. After you've downloaded a Nook ebook, NookStudy will have a copy of the new encryption key. (And once you have the key, you can use the usual workaround to bypass B&N's block on downloading your Nook ebooks.)

You can find the key in one of NookStudy's log files, and get this: NookStudy stores the key in plain text.

Yes, B&N may lock up the Nook ebooks you buy but they also literally hand you the key so you can extract the ebooks and strip the DRM.

I know that the concept of DRM is flawed due to the fact that the end user has to be able to decrypt the DRMed content, but this is the first time that I have ever encountered a company giving me the encryption key in plain text.

For more detailed instructions on how to get the key and use it, read the help file for the Apprentice Alf DeDRM plugin. I uploaded a copy here.

Note: I've tested the help file as far as finding the key. It is accurate.

image by frankieleon




About Nate Hoffelder (11463 Articles)
Nate Hoffelder is the founder and editor of The Digital Reader: "I've been into reading ebooks since forever, but I only got my first ereader in July 2007. Everything quickly spiraled out of control from there. Before I started this blog in January 2010 I covered ebooks, ebook readers, and digital publishing for about 2 years as a part of MobileRead Forums. It's a great community, and being a member is a joy. But I thought I could make something out of how I covered the news for MobileRead, so I started this blog."

55 Comments on B&N Changes Nook DRM Key, Further Proving That They Don’t Want Your Business

  1. Maybe its so they can pay lip service to the DRM while really saying, if you want to strip it you can?

    And you really shouldn’t use credit card numbers in any encryption scheme for security reasons….

  2. You were just made aware of this now? I noticed the change back in Sept 2014.

  3. Better late than never. I have family who still use B&N ebooks but I’ve been taking my time with bothering to untie their purchases.

    Probably should start on that sometime soon before it becomes a little worse, perhaps.

  4. sorry to nitpick, nate, but I can’t help myself – “Hot on the heals” should be “Hot on the heels”.

  5. Wow, NookStudy’s installer is brainless. I tried to install it to my D: program files directory, since my C is a SSD and I try to keep as few programs there as possible. So I changed the C: in the install-to to a D:…and then when I told it to install, it complained it couldn’t write files to the original C: directory. So I had to install it to my C drive instead. Bleah.

  6. There is a simpler solution to all of that. Don’t buy DRM infested books. There is plenty of quality DRM free literature out there.

    • Yeah, but if the specific literature you want has DRM on it, well, guess what?

      • You should pass on that book, even if you really want to read it, Chris. You simply should not buy it! That is the only way, to wake up the sellers. If you accept DRM, you will get DRM, now and in the future.

        • Sadly, enough consumers already accept (indeed, don’t even recognize the existence of) DRM that even if every tech-savvy e-book geek in the world boycotted it, nobody would notice. All the ordinary people who don’t care or know about it will keep right on buying, because they can do it by tapping once on their gizmo without even having to bestir their butts from their easy chairs. And in the meanwhile, I wouldn’t be able to read the book I want to read.

          So, yeah, thanks but no thanks. I’m not into nose-cutting for the sake of face-spiting.

  7. I don’t see the problem with NookStudy printing the DRM key in the log. Previously, every user knew their own key (it was the CC number that was in effect when you downloaded that copy of the book). Now, the same user still knows their own key by getting it out of the log file. And publishing that key won’t unlock the book for the world, because the book you have was encrypted with your own key when you downloaded it. Every other user’s copy of the same book would have their own key.

    Not that I agree with DRM, I just don’t think B&N seriously breached some kind of security by printing the key in their own log file.

    The biggest problem here is finding it. And then, it is a giant hash key, not very memorable, and thus not easy to type into Mantano. Users should use Calibre and DeDRM to strip the DRM permanently (using their key) before they add their books to Mantano.

    • The point of DRM is to secure the file. Handing someone the explicit key makes stripping the DRM a lot easier, and thus much less secure.

    • Even if it is hard to type, I don’t think you can use this key in Mantano. What part do you use for the userid and what part for the password?

      • I haven’t tried it yet, since I use DeDRM and Calibre. But back when I typed passwords directly into Mantano for Nook books, the user ID was your credit card name and the password was your credit card number. I assume now, it is still credit card name as user ID, and hash value as password, but I haven’t tried it.

        • I already tried that and it didn’t work. I also used my email address as userid. Removing the ” / and = didn’t work either.

          • Mark Ritchie // 6 March, 2015 at 6:04 pm //

            Hmm, ok. I recommend installing Calibre and DeDRM, and importing the keyfile as they recommend in their Barnes & Noble help. Then you can create DRM free files which you can load into Mantano.

    • OK, dumb question, but how do I extract the key from the log file and then turn it into a keyfile? I tried copying and pasting the hash key, and saving it in a .b64 file and using that for deDRM in calibre, but was unsuccessful. Any help?

  8. Which file, exactly, are you getting the key from? I was looking at BNClientLog.txt, in NookStudy’s log folder, and I tried a few different things from that file. Any advice?

  9. Has this already changed? I have tried on multiple devices and am unable to find the log file. On mac, no data for Nook appears in my application settings. On Windows, I get a folder, but no log file. The closest I have is an API file.

    • I found the log file after I downloaded the ebooks in the NookStudy app.

    • Laura, for Windows — open the “About” window and check for a link/button there that will export the log file. That worked for me.

      I’ve begun to warm to Feda’s argument. There are are a few ebookstores out there that don’t use DRM. If they’ve got the book, I now go there instead of B&N even if the purchase price is a couple bucks higher.

      • That never worked for me, but it did work for others.

      • Which stores don’t have DRM? If you google DRM-free ebooks, you get a million sites, most of which I suspect are illegal and/or virus-infecting. Which *reliable* stores have DRM-free ebooks?

        • Baen Books

          those are all I can think of off the top of my head while sitting in a airport terminal, but there are more.

        • The use of DRM is a publisher decision at Amazon, where there are hundreds of thousands of DRM-free titles.
          Some publishers, like BAEN, add a DRM-Free notice but for most you have to look lower in the listing. Check the book description for “number of simultaneous devices”. If the ebook says “unlimited” it is DRM-free.
          Generally, books from Baen and Tor will be DRM-Free and at least half the Indie titles at Amazon are DRM-free.

  10. i want to download nook study for windows 7, anybody help?

  11. I am also having difficulty finding the log file on a PC using windows 7. I tried following the install path. The only folders showing up are Dictionaries, JaveScriptCore.resources, Normalizer, Plugins, and WebKit.resources. I tried searching BNClientLog.txt and I also tried using the about tab in nookstudy – copy log info to clipboard. I still can’t find it. Any help would be appreciated. Oddly enough, of the books I bought from Barnes and Noble in the past month, only 3 of the 7 are getting the DRM stripped when I import them into Calibre using the plugin that was set up prior to the encryption change. They are not the last 3 books I bought either. One was about a month ago but several other books successfully had the DRM stripped before the next one didn’t work.

  12. I have a Nook reader, but I still want to have DRM free files. All of my ebooks are on my Nook so downloading isn’t a problem. (Located in

    I looked at the files on my Nook (It comes up as Drive D on my computer) and in D:\.adobe-digital-editions there is a file called activation.xml and part of it’s contents are:

    Are these the keys needed to unlock the DRM? If so, what do I do next. I very concerned about the long term prospects for Barnes and Noble as they seem to have angered their biggest (ie those with the most ebooks) customers.

  13. The Nook Study is no longer working. At least on Windows 10. You get an internal error about not retrieving the adobe login. Using Nook PC, you can download the epubs from your library, but the DRE plugin will not remove the DRE.

  14. Just an update to my previous issue: I had to use Nook from the Windows App store on my Windows 10. Then used Calibre with the DeDRM Tools 6.3.2 plugin. I had to use my B&N email and credit card number instead of email and password.

    • but that worked?

      • It worked for may particular books. Some were purchased more than a year ago. One I purchased that night I did all this. None would let me strip the DRM using the current DeDRM Tools as per the instructions. I posted over on the DeDRM blog asking questions and trying suggestions before finding what worked for me. Which, actually surprised the author as he said B&N doesn’t work like that any more.

        I’m on Windows 10 so used the Nook App that came with Windows Store as part of my solution. I tried all other methods… downloading and old version of Nook Study, Adobe Digital, signing up for an Adobe account.

        In the end, I deleted all the programs and all my downloads. Then installed Nook App from Windows Store, logged in using my B&N email/pass, and downloaded the books (they show up in the Local State directory inside D:\Users\Your_Name\AppData\Local\Packages\Barnes_Noble…something).

        From there, I opened Calibre and configured the B&N key for the DeDRM plugin and used my B&N email and the credit card number I used to purchase the books… the same I had as my default payment when re-downloading as well… which I think the latter is important in my case.

        I had tried using my B&N email/pass in the plugin and it simply wouldn’t work. As a last ditch effort, I used the CC number and bingo. No issues with the import and DRM stripping.

        • Thanks for this.

          I wasn’t sure how to proceed. I’m still on Windows 7, so i could not test this myself.

        • It’s worked for my books as well. Good work Robert and thanks for the heads up!

        • Argh! Thanks for info Robert. I could not find files before. But I have been trying and it didn’t work for me. I have windows 8, reinstalled nook app from windows store, downloaded books. Opened Calibre, configured B and N key in DeDRM plugin using user name and tried with both current credit card and older one (used for most purchases). Still have DRM locks on many books. Very frustrating! Like others, I guess I have made my last BandN purchase.

          • I found that if you have to change the key, you have to uninstall and reinstall Calibre and all the plug ins. It’s a pain in the butt, but it worked for me with the exception of two books that were sent as gifts to another user or the same computer.

          • Anytime, Nate. I’m glad I could be of some help.

            I just want to update: The gifted books I mentioned in my previous post are STILL locked and I can’t seem to figure out a way to unlock them. I’ve tried every email, CC# I could think of, the older “password” version of the key, etc. It’s not working.

            Not sure what’s happening with the gifted book, but the books personally to my account an to my mother’s have all been unlocked.

          • Sorry that should read: “but the books personally downloaded to my own account and to my mother’s have all been unlocked.”

  15. I updated and opened Nook Study no my Mac. When I went into the configuration and looked at the account, I got the spinner for several hours. So I logged off and tried logging on with the account I access B&N on my web. Nook Study says it is an invalid account. I can look at my credit card information by using that password in Nook for Mac (although I don’t know how it knew my UserID). I thought it might want my Adobe password, and entered it. I didn’t get the error, but I didn’t log on either, the logon screen looped without an error message.

    How do I log on to Nook Study?

1 Trackbacks & Pingbacks

  1. Barnes & Noble taps new CEO for Nook division as revamped B&N e-commerce site hinders access to e-books - TeleRead: News and views on e-books, libraries, publishing and related topics

Leave a comment

Your email address will not be published.