In 2005, Liao et al. pointed out some weaknesses in Das et al.’s dynamic ID-based scheme. They proposed a slight modification to Das et al.’s scheme to improve its weaknesses. In 2008, Gao-Tu, and in 2010, Sood et al., found vulnerabilities in Liao et al.’s scheme; and independently proposed its security enhanced versions. However, we identify that Gao-Tu’s scheme is insecure against user impersonation attack, server counterfeit attack, man in the middle attack, server’s resource exhaustion attack and does not provide session key agreement. We also demonstrate that Sood et al.’s scheme is still vulnerable to malicious user attack in different ways and user’s password is revealed to the server. Besides both the schemes have no provision for revocation of lost or stolen smart card. Our cryptanalysis results are important for security engineers, who are responsible for the design and development of smart card-based user authentication systems.