In a conventional instant messaging system, multiple instant message (IM) instances may log onto an IM session from different physical locations, using the same user's credentials, thereby providing a way to share a message between the multiple instances so that a computing device at each physical location can obtain the same view of the message. Since the user cannot simultaneously be at all of the different physical locations, the user cannot physically control all of the multiple IM instances. Therefore, security of certain IM endpoints is compromised. Unauthorized persons can observe and/or hijack the IM session without the user's knowledge. For example, a user has three instances of an IM session—one at a home office, one at a workplace office location, and one in a conference room, where the user is working. At the conclusion of the conference room meeting, the user closes the conference room instance of IM session, but does not return to the workplace office location and therefore fails to close the workplace office instance of the IM session. The user moves to the home office and conducts confidential business using the home office instance of the IM session. Another person (e.g., a custodian or fellow office worker) who is not authorized to know the confidential business information observes the IM session via the workplace office instance. Furthermore, after the user closes the home office instance, the unauthorized person at the workplace office location hijacks the IM session for his or her own use, or begins a new IM session with other participants and masquerades as the original user (i.e., the true owner of the IM collaboration). Thus, there exists a need to overcome at least one of the preceding deficiencies and limitations of the related art.