In this paper, we present a multi-factor stateful authentication system that uses Near Field Communication (NFC) technology, a mobile phone, known pictures, and state (time sequence) to authenticate users. A user firstly accesses to the mobile phone and then emulates encrypted NFC tags through a mobile app. This mobile app forwards an authentication code to the computer after correctly selecting a preset picture. A custom process bypasses the built-in OS access control letting the user to type a passcode to gain access to the computer. The custom access control process running on the computer is programmed by using an open source credential provider and a database that stores the encrypted authentication codes. Our experiments show that this multi-factor and stateful authentication prevents man-in-the-middle attacks and improves security with a simplified login process.