Pretty new and have what might be a dumb question, however, I pretty much only use Inovelli and Zooz dimmers and switches, some I have entered in the S2 code and some I did not and just skipped it. If I do not authenticate S2 do lose any features or functionality ?
No, most of us don't use encryption at all except for locks and garage door stuff. You lose no functionality but do gain a bit of processing overhead (s2 isn't bad, s0 is the worst, avoid if possible)
I appreciate you asking this question, because it was very much on my mind as I paired multiple devices during my transition over from Vera (which lacked S2 compliance SFAIK).
Not knowing what was expected, nor where to find the required info to input, I also "Skipped" each instance, figuring things would work okay. Did so with my Yale deadbolt as well.
I'm not even entirely sure what benefits S2 security brings to the table, though I do see security-conscious users mention it often. Is it analogous to, say, how WPA represents a stronger WiFi encryption protocol than the old WEP? And, if so, are non-S2 devices at any (significant) risk of being compromised somehow?
I have seen lots of conversations and theories talking about how one device could compromise your entire network. That being said I do not think I have ever seen anyone actually post here that there house got hacked through their smart plug or something.
Most of the reasoning I have seen just says s2 uses less traffic and therefore doesn't bog your mesh down as much. I am sure the exact details on the differences is fascinating, but nothing I understand.
Makes me wonder whether you can somehow "promote" a device from non-S2 status to full S2 without unpairing and re-pairing it. I somehow doubt this is possible, though.
The Big reason I asked this question was because I read on a thread that the Ring G2 contact sensor needed to have S2 authenticate or it wouldnt work properly, thought that maybe true of all S2 device. I have installed several Zoozs and it is a pain to get S2 to activate, so I just skip that step.
Essentially s2 is AES256 encryption. Lets assume someone was sniffing z-wave signals outside your home..(unlikely) Unencrypted packets would show that you're bathroom light turned on... Encrypted packets would not be able to be seen in plain text so that person wouldn't know you just entered the bathroom (without looking up from his laptop and seeing the light upstairs come on). This is why most of us only worry about encryption on locks and garages.
So in this example, I'm guessing that a Security mode of "None" (as listed in the HE Z-Wave details page) is equivalent to plain text. I have one device that is listed as "S2 Unauthenticated." Where does that sit in terms of security (or lack thereof)?