King Saud University
User authentication in Wireless Sensor Networks (WSN) is a critical security issue due to their unattended and hostile deployment in the field. Since sensor nodes are equipped with limited computing power, storage, and communication modules; authenticating remote users in such resource-constrained environments is a paramount security concern. Recently, a two-factor user authentication scheme in WSNs is proposed and claimed that his scheme is secure against different kinds of attack. However, in this paper, the authors show that the scheme has some critical security pitfalls and cannot be recommended for real applications.