International Journal of Network Security
Remote authentication is a method to authenticate remote users over insecure communication channel. Password-based authentication schemes have been widely deployed to verify the legitimacy of remote users. Very recently, the researchers pointed out that their scheme is vulnerable to parallel session attack, masquerading at-tack and password guess attack. They proposed an improved scheme to remedy these pitfalls. They claimed their scheme can against parallel session attack, masquerading attack and password guess attack. However, they find that their scheme is vulnerable password guess attack, masquerading user attack and masquerading server attack.