A very good suggestion for slow or unresponsive Z-Wave devices

Note the "zwaveSecurePairingComplete: true"

deviceType: 18244
zwaveSecurePairingComplete: true
inClusters: 0x72,0x98,0x5A
deviceId: 12336
manufacturer: 335

Create a virtual device. Use a virtual driver that allows it to be shown in the rules. (Real switch, placeholder with a virtual switch driver.) Add it to the Rules, replacing the device you are about to exclude. Rinse, repeat, for all instances. Then do your exclude and include. Put the new device into your rules, replacing the placeholder. Finally, delete the virtual placeholder device.


@mike.maxwell explained that it makes 3 round trips with secure pair, so definitely something you don’t want for anything but a lock or garage door opener.

Beginning with version 1.1.7, it is now possible to include these "always secure" devices, such as Zooz, Monoprice and some Inovelli switches and sensors, as non-secure. Unfortunately, once a device is encrypted, must be excluded and re-included to take advantage of this new non-secure controller option.

To identify which devices are encrypted, go to your hub's web interface and click "Devices," then click on the link for each sensor or switch and scroll down to the "Data" field in the bottom table.

An encrypted device would display: zwaveSecurePairingComplete: true. A non encrypted device would not display the "zwaveSecurePairingComplete" field.



Looks like I have three motion sensors to take out of secure mode. @csteele thanks for the tip on how to do this without having to rebuild everything

Also, go to the bottom of the device page and look for "in use by", make sure to take note of those and update them after the device is re-added.

Here is a list of devices known to pair as secure. Please check the "zwaveSecurePairingComplete" flag on these devices first. If you find other devices that have been included as secure (no locks or garage doors), please share them on the thread below:

1 Like

Maybe the z-wave information page should have a new column to show if a device is encrypted or not. Much easier to identify then having to go into each device to find out.

Just a suggestion :slight_smile:


While were suggesting new columns, can we have a column reflecting the state of the device?

Thanks for your feedback. There is a another way, now, to quickly identify these devices. If you go into Settings then Z-Wave Information page, the encrypted devices have 0x98 command class listed in the "Clusters" field.


So I'm confused. The device below used to have the secure pairing = true. I did and exclude and then and include. Secure paring = true is longer listed but it does have a 0x98. Does that just mean it is a Zwave plus device or is it still doing encryption?

Inclusters means the capabilities of the device, 0x98 means the device can be secure paired, not that it was paired in secure mode. If you don't see zwaveSecurePairingComplete: true then is not secured. For example, a z-wave plus device has 0x5E but non plus doesn't have the 0x5E, capabilities.


Thank you Bobby. I was asked this question just the other day on FB and didn’t get an answer. Perfect. I have now confirmed that I have successfully paired my Zen06 in secure mode as intended. Input this in place to help my Schlage lock and it seemed to fix things but I was never sure.

I’m not sure if this popped up when I paired or not. Nice to be able to confirm as in Bobby’a post after the fact.

You probably have other reasons to pair it securely.

However, I just wanted to mention that a device does not have to paired securely to act as beaming repeater for a securely paired device like a lock or a garage door opener.

Hmmm, 0x98 is showing up for me from a Zooz 4 in 1 device (installed nearly a year ago) and my new Inovelli Black Series dimmer installed 3 weeks ago.

No slow hub for me, should I chance it and delete them and start over just to be safe?


A device having 0x98 in its cluster list just means that the device is capable of joining using s0 security, it doesn't mean that it is currently joined that way.
Secure inclusion is defined by zwaveSecurePairingComplete: true

Thanks Mike, I see the difference now


First, i need to apologize for resurrecting a one year old thread. I didn't realize that when i first replied.

Interesting. That was not the way i understood it. I installed the Zen06 in this location when i was having my initial issues with my Schlage BE469NX.

Does the message "zwaveSecurePairingComplete: true" appear on the device page or only show up while the device is originally paired?

I actually have two of the Zen06 devices and 0x98 only appears in one of the inClusters lines:

  • deviceType: 257
  • inClusters: 0x5E,0x25,0x32,0x27,0x2C,0x2B,0x70,0x85,0x59,0x72,0x86,0x98,0x7A,0x73,0x5A
  • firmwareVersion: 1.3
  • deviceId: 10
  • manufacturer: 634

  • deviceType: 257
  • inClusters: 0x5E,0x25,0x32,0x27,0x2C,0x2B,0x70,0x85,0x59,0x72,0x86,0x7A,0x73,0x5A
  • firmwareVersion: 1.3
  • deviceId: 10
  • manufacturer: 634

yes and the entry is permanent.

OK, not sure what your concern is here, we only present the command classes that the device is advertising.
Devices are supposed to advertise all the command classes they implement, but this isn't always the case, nothing we can do about that.

Thank you for clarifying. I don’t really have a concern. As I stated I attempted to add the one switches in secure mode because it’s the general consensus on this forum that repeaters are required for proper operation of the Schlage z-wave BE469. Once I got over my initial problems pulling it over from my wink hub it has been behaving well, but with the lock I was trying to be on the safe side.

I still haven’t don’t more research, but I still think devices need to be added in secure mode to relay messages to locks. Evidently my zen06 is not in secure mode, so I guess it’s not helping in this case.

Download the Hubitat app