An approach is provided for securing a network-accessible site such as a bank, financial institution, or a user's home system. A request is received from a user of the network-accessible site. While the request is from a user, the system further verifies that the user is the authorized user and not an imposter, such as a hacker. To this end, the approach transmits a state inquiry to a wearable device registered to the user. The current state of the user is received from the wearable device, such as whether the user is sitting, standing, walking, sleeping, etc. If the system determines that the current user state allows the action to be performed at the site by the user, then the action is performed. Likewise, if the system determines that the current user state disallows the action, then the system inhibits, or otherwise prevents, the action from being performed.