Although Flume is developed independently and is not an official Instagram product, your security and privacy is of the utmost importance. Data protection and security is something that's been built into Flume since development began in 2013.
Flume does not use the Instagram Developer API or the Instagram Graph API, but instead communicates directly with Instagram's servers. This is necessary in order to provide the majority of Flume's functionality. As a result, your Instagram account information (usernames and passwords) are required to log in and use Flume. This data is only ever sent to Instagram's servers during account log in, and additionally never saved or stored anywhere on your Mac locally.
In order to prevent the extremely unlikely scenario of a rogue macOS application or malware application* attempting to steal data from Flume's internal data, session cookies that Flume saves in order to maintain your connection to Instagram are stored locally on your Mac in the macOS Sandbox, and secured with AES-256 encryption.
Additionally, Instagram has recently added account protection measures to ensure your account is only being accessed by you. These include login security checks, two-factor authentication, and login notification emails. It's recommend that you enable two-factor authentication on your Instagram accounts, and add recovery phone numbers and confirm your email address attached to your Instagram accounts, should you ever need to recover your Instagram account in the future.
Note: Flume cannot protect you if your Internet or network connection has been compromised and allows for someone to "sniff" your Mac's network traffic. In this situation, your security of all Internet-based activity you perform is at risk, and the use of a VPN service is strongly recommended, especially in the case of public WiFi networks.
- Will my Instagram account get banned if I use Flume?
- "New login detected" email received after using Flume