The rapid development of Internet of Things (IoT) technology, which is an inter connection of networks through an insecure public channel i.e. Internet demands for authenticating the remote user trying to access the secure network resources. In 2013, Ankita et al. proposed an improved three factor remote user authentication scheme. In this paper, the authors will show that Ankita et al scheme is vulnerable to known session specific temporary information attack, on successfully performing the attack, the adversary can perform all other major cryptographic attacks.