Communication is necessary operations in wireless environments. Therefore, we must have a secure remote authentication to defend transactions against illegitimate adversaries in such risky channel. Smart card is one of methods that many schemes used due to its convenience. Recently, Khurram Khan has proposed an enhancement scheme using smart card to recover some pitfalls in Wang et al.’s scheme. They claimed that their scheme remedy those security flaws. Nevertheless, we point out that Khan et al.’s scheme cannot protect user’s anonymity. Besides, it does not achieve secret key forward secrecy and cannot resist denial of service attack due to values stored in server’s database. Consequently, we present an improvement to their scheme to isolate such problems.