Science and Development Network (SciDev.Net)
Recently, the authors proposed a robust mechanism for smart card based remote logins in a multi-server architecture. However, based on the security analyzes conducted by them, they find their mechanism is vulnerable against smart card lost problems, leak-of-verifier attack and session key disclosure attack. To eliminate all identified security threats in their mechanism, they further proposed an improved version of two-factor based user authentication protocol in multi-server networks. In order to frustrate illegal users' attempts of getting the serviceable resources maintained in remote servers, two-factor (password and smart card) user authentication is the widely accepted and most adopted method in client-server architecture.