I have noticed that when I factory reset a desk phone (e.g. a Yealink T46s) in the same network segment as the Yeastar PBX, it shows up under "Auto Provisioning -> Phones" as new device.
I can then assign an extension, which provisions the phone.
But I noticed that Yeastar does NOT change the default username/password of that phone!
And that is NOT great at all.
When the phone is adopted into the Yeastar PBX, ALL configuration should be done via the Yeastar PBX and it should NOT be necessary to ever log into the Phone UI again, for nothing.
3CX (the PBX I have used for several years) always changes username and passwords with random values (different for every device). It is possible to view those values just in case there is ever the odd need to log into the phones web interface (see below).
Yeastar should do the same.
Yealink phones even show a warning icon on the display, indicating that the default password has not been changed. So even the phone is not happy with the current way Yeastar handles this :)
Not only is this a security risk but can also be a maintenance nightmare when users can use the default phone credentials to fiddle around with phone settings etc.
And manually changing the credentials is just unnecessarily complex.
SO, I urge Yeastar to adopt the way 3CX handles credentials - or something similar.