A network security system receives a request from a user over a network to access a network application. The system verifies user credentials for the user. The user credentials include a user identifier and specify a social network. The user is redirected to the social network for authentication. The system queries a rule-set database using the user identifier and an integer representation of the social network. The rule-set database includes recommendations as to access determined by a security application based at least in part on a known memory state for the user associated with the user identifier. Then the system blocks access by the user to the network application based on a recommendation in the rule-set database.