Security 2 (S2)
S2 defines multiple security classes that use the same encryption but different keys. The class a device uses is determined during pairing.
| Class | Description |
|---|---|
| Unauthenticated | For constrained devices. No PIN code required. |
| Authenticated | For most household devices. Requires a PIN code. |
| Access | The most trusted class, used for locks and garage doors. Requires a PIN code. |
| S0 | For interoperability with S0-only nodes. |
As of Homey Pro v13.2.0, all keys requested by a device are assigned during pairing. Before v13.2.0, only the highest requested key was assigned.
If the S2 handshake fails, the device is added to the network but won’t function correctly. Homey notifies you after pairing and gives you the option to remove the device and try again.
Security 0 (S0)
S0 is the legacy Z-Wave security standard. It is less secure than S2 and significantly less efficient, as each message requires twice as many transmissions. For these reasons, S0 is disabled by default in Homey.
S0 can be enabled in two ways. If a device requires it, the Homey app developer can enable S0 in the app’s configuration. When pairing a Z-Wave device in Homey Pro v13.2.0 or later, S0 can also be enabled manually in the Advanced Settings during pairing. This option is not available before v13.2.0.
No security
Not all devices require security. Whether a device communicates securely is determined by the device itself. Unsecured communication is the fastest and most efficient mode, but it offers no protection against eavesdropping.
If you enter PIN code 00000 on the security verification screen during pairing, the security setup is skipped, and the device is added without encryption. This is a last resort when standard pairing is not working.
