[wlindner]

RE not using OAuth: I did that because users had a lot of trouble using the oauth login, so I basically just pass the users credentials to the oauth page. If you prefer oauth just press "Forgot Password" in the login popup and press the go back link, it will bring you to the standard Instagram login and will work the same.

[bitsweet]

that worked. I'd probably feel comfortable if there was just a disclaimer that said you don't store credentials on the login page. I'm probably too trusting but I like it when product designers are thoughtful enough to explain what is done with credentials/data.