It is Amazing to see how good zwave js has become in short time. Recently zwave js added support for S2 Auth.
I have some locks, IDlock 150 and danalock that are both using S0_Legacy protocol and i was hoping there was some easy way to get them over to S2 without exclusion and inclusion maybe some upgrade path?
First, you should actually verify that your lock models do support S2, not all do. Then you need to be using zwavejs2mqtt, as the official addon + integration does not support S2 inclusion yet.
The only way to switch from S0 to S2 is to re-include the device. There is a process to preserve the node ID, which is nice from the HA perspective, but you’ll have to decide for yourself if the process is easier than just normal exclude / include.
If zwavejs2mqtt is not stopped, it will detect the reset and automatically exclude the device, so step 1 is important.
It’s possible node-zwave-js might streamline this same process in the future, but you have to do it manually for now.
Great thank you, i will try this 
dont everybody use zwavejs2mqtt? 
I also have ID lock and Danalock, did you try it and how did it work?
I did talk to id lock, no support for s2 in the zwave module. They have no plans to fix it. Currently i have a ongoing case with fgsikring.no about the locks security certificate. Updating the zwave module to support S2 is a requirement to keep this certificate so we have to see how it goes.
Danalock needs reinclusion for s2 to work.
I’m interested if you will be able to get it pair in S2 mode. I have tried it but not able to get it to work