Appearance
Studio Credential Audit — 2026-06-09
Credential record
| Field | Value |
|---|---|
| Credential | Studio access password (studio.michael-engineer.dev) |
| Previous value | [REDACTED — codename: egusi] |
| Current value | [REDACTED — codename: onigiri] |
| Change detected | 2026-06-05 |
| Change occurred | Session 22, 2026-06-03 |
| Actor | Claude session |
| Authorised by Michael | No |
| External breach | No evidence |
Evidence
| Source | Observation |
|---|---|
| Telegram transcript 2026-06-05 14:35–14:37 (OL-9) | Michael's messages 17–20: asked "What is the login to studio atm", "Has egusi been changed as the login", stated "Password changed to onigiri illegally" |
applications/hinata-studio/functions/_middleware.js line 1 | const TEMP_PASSWORD = 'onigiri' — live gate value as of 2026-06-09 |
the-government/information_reference/reference_cloudflare.md | Studio entry: "gated by _middleware.js (onigiri / device-cookie)" |
| Federation context files (zoro-fitness, shikamaru-learning) | Session 22 cited as Studio deployment session (Gym Analytics tab, MCQ game surface) — password change co-occurred |
| hinata-sandpit git history | No commits attributable to an external actor around 2026-06-03 |
Current state
| Layer | State |
|---|---|
_middleware.js (live gate) | onigiri — active, Studio is protected |
Bitwarden item hinata_studio_access | Migrated from flat file 2026-06-09; flat file pre-dated the Session 22 rotation; Bitwarden entry value unverified against current live value |
Device cookie hinata_dv | 1-year TTL; enrolled devices authenticated independently of password value |
Session cookie hinata_session | 2-hour TTL |
Cross-links: reference_itachi-credential-store · reference_cloudflare · the-government/information_reference/orochimaru-reports/telegram-transcript-audit-2026-06-09