Smart Lock 4.0 Pro + WPA3

Hi,

I was disappointed to learn that even the new 4.0 Pro lock doesn’t support WPA3. At least, it refused to connect to my WPA3-only SSID (with 6 GHz WiFi 6E which mandates WPA3 and PMF), but was able to connect to my legacy WPA2/3 SSID.
Will this be added in a future firmware update? The additional SSID increases beacon overhead and decreases overall network security.

Thanks

1 Like

The Smart Lock generally supports WPA3 networks (and PMF in such networks). It’s maybe an individual problem with your router. Which router do you have?

1 Like

That’s great to hear!
I’m running a UniFi setup with a number of U6-Professional and U6-Enterprise access points. The lock refuses to connect to the SSID with these settings:

(I’ll add more screenshots in subsequent posts as I’m not allowed to upload more than one as a new users)

1 Like

More bad settings:

1 Like

The lock connects to a SSID with these settings:

1 Like

More “good” settings:

1 Like

Ups, you have several changes from “good” to “bad”. Can you confirm that just changing the good configuration to WPA3 hinders the Smart Lock from connecting successfully?

P.S.: Here are a few infos to generally “good” settings in terms of power consumption, stability and responsiveness of the Smart Lock. Most of them are probably not doable if you want to keep everything in one network. Underlaying reasons for guest network

1 Like

Yeah, those SSIDs are very different: one is meant to be a “dumb” one for IoT devices (maximizing compatibility), the other uses advanced feature for more capable devices (e.g. iPhones, MacBooks, etc.). It’s a flat network so that I don’t have to worry about broadcasting mDNS across subnets, even though this means more broadcasts received per device.

One thing that made me curious: I don’t see anything in the access point logs when I try to use the WPA3 SSID. As if the lock decides based on some properties that it doesn’t even try to connect… I would have expected some authentication messages at the very least. In the app, I just get a generic “no connection - please try again” after a few seconds.

2 Likes

Anything I can do to help debug the issue?
Is it just me or are there other users who have reported problems with WPA3?

1 Like

We‘ve been able to replicate the problem and are working on a solution (which could take some time because it’s coming from the driver of the wifi chip).

So, no further help required for the moment.

3 Likes

That’s good to hear! Please let me know if you want me to validate a potential fix in my local setup, once you have a candidate.

2 Likes

As it’s not mentioned in a changelog, it’s not a surprise, so just for posterity: the issue is still present in 4.0.35.

1 Like

Yes, that’s correct. It turned out that WPA3 only networks do not work for the time beeing and that we can not say when and if it will ever come as this is unfortunately not a simple bugfix, but a rather complex feature request.

We’ll state that more clearly in the communication on our website and in the apps. We recommend using WPA3/2 mixed mode networks instead.

If you do not mind, it would be helpful if you add a feature request and start collecting votes for it.

1 Like

Oh, that’s a bummer! I had really hoped that this would be table stakes for any device entering the market these days.

Here it is: Support for WPA3

1 Like

What about the newest products? Does the Smart Lock Pro (5th Gen) finally support WPA3?

1 Like

No. See:

1 Like

To avoid disappointed customers it would be recommendable to not only publish this on the Nuki website but also VERY clearly mark this on the packaging of the locks.

1 Like