Recently, Lin, Hwang, and Li proposed an efficient remote authentication scheme using smart cards for multi-server architecture based on the geometric property of the Euclidean plane. Herein, we show that their scheme is vulnerable to two forgery attacks and a password-guessing attack, and is not easily repairable. Furthermore, their scheme lacks a proper user eviction mechanism.

Recently, Das et al. proposed a dynamic ID-based verifier-free password authentication scheme using smart cards. To resist the ID-theft attack, the user's login ID is dynamically generated and one-time used. Herein, we demonstrate that Das et al.'s scheme is vulnerable to an impersonation attack, in which the adversary can easily impersonate any user to login the server at any time. Furthermore, we also show several minor weaknesses of Das et al.'s scheme.