Skip to Main Content
In 2001, Li et al. proposed a password authentication scheme for the multiserver architecture by using a pattern classification system based on neural networks. Herein, we demonstrate that Li et al.'s scheme is vulnerable to an offline password guessing attack and a privileged insider's attack, and is not reparable. Additionally, we show that Li et al.'s scheme has several drawbacks in practice.