Zwave JS now supports S2 auth!

Hey all, just wanted to let you know that while not FULLY into HA YET, a release has just been posted for Zwave JS that now supports S2 encryption. I know for security-conscious individuals (myself excluded, I’m more speed than secure with my z-wave stuff excepting locks and doors) this is the FIRST open source project that has successfully added S2 auth to their software.

Worth a read:

Note: S2 multicast not yet supported.


Yay! What uses S2 multicast? Is normal traffic unicast or tcp? I know very little of the underlying protocol. Did they add QR code reading yet? I know that was separate issue.

Recommended reading :smiley:

Well beyond my knowledge of Z-wave intricacies to be fair.

1 Like

I’m mid-way through crossing over to HA, so this is pretty cool, thanks for sharing!

Nothing gets @EricM_Inovelli hotter than reading about Z-Wave Transport Encapsulation… nothing.


Do we need to move this to “so hot right now” section and mark NSFW?

1 Like

1 Like

Does the red dimmers and switches support S2 auth?

Yes. Code is on the front of the switch/dimmer. It’s also on a piece of paper in the box.


I will have to look into this. I recall some time ago, Eric the CTO mentioned that secured inclusion will always result in slower response rates from the devices.

I wonder if S2 fixes this. Or makes this a bit faster. But if this is slightly faster I guess I may have to go around and unscrew 30+ wall plates.

I’m going to keep chancing it with insecure pairing. I doubt I have a single neighbor who even knows what zwave is and who’d want to hack my lights anyways.

The QR is also on a card shipped with the switch. Might be easier if you didn’t toss them.