With the help of the key technologies including the integrity verification, access control, and sealed storage, a kind of USB key-based approach for software protection is presented. At first, the integrity verification is used to protect the data consistency in USB key. Secondly, the mutual authentication is performed between the software and USB key to check the validity, in which identity authentication is based on the dynamic password technology. Lastly, the data is encrypted between the software and USB key using triple DES, and the communication data is integrated with the MAC (message authentication code). Above all, the mutual authentication is to avoid the fake attack, the encrypted text is used for information hiding, the MAC is adopted to protect the communication text from being tampered, the dynamic password is used to prevent the replay attack. In addition, the play-and-plug USB interface is convenient to use.