Password authentication, which is widely used for authenticated method, also is impor-tant protocol by requiring a username and password before being allowed access to resources. In2001, Lin et al. proposed the optimal strong-password authentication protocol, called (OSPA) whichis a one-time password method by verifying with the different verifier every time for affirming itsidentity. However, Chen-Ku and Tsuji-Shimizu pointed respectively out that OSPA is vulnerableto the stolen-verifier attack and impersonation attack. In this paper, we shall propose the improvedprotocol secure against the known attacks to enhance the security.
