A method performs location-based multi-factor authentication. The method includes a mobile device that receives a first set of authentication credentials provided by a user, and transmits the first set of authentication credentials to an authentication server, which verifies the first set of authentication credentials. The authentication server transmits verified first factor authentication to the mobile device that sends a request for second factor authentication to an authentication system, which causes the mobile device to scan identifier information associated with a secure device, the secure device then sending a second set of authentication credentials to the authentication system. The authentication system verifies the second set of credentials system and transmits verified second factor authentication to the authentication server, which subsequently grants final authentication based on the verified first factor authentication and the verified second factor authentication.