The wireless industry, over the last few years, has undergone a tremendous amount of change, which is brought about through the introduction of a never ending stream of technologies all designed to provide unique services that customers will purchase. For wireless networks, at the heart of all the technologies introduced is access---being able to access services regardless of where the end user is physically located. While wireless networks are very convenient for users, their widespread use creates new challenges from a security point of view. To control access to wireless networks, it is essential for the server to authenticate the remote users. A variant of the wireless networks is wireless sensor networks (WSNs). In WSNs, there are spatially distributed sensors which cooperatively monitor environmental conditions, such as humidity, pressure, temperature, motion, or vibration, at different locations. Each sensor node has the ability to monitor the physical world and return the sensed information to base stations or at the backend of the application system via wireless communication. With the increasing ubiquity of WSNs, real-time data could be accessed from every sensor node. Hence, security measures should be taken to protect the collected secrets in order to prevent un-authorized users from gaining the information. In this dissertation, we introduce recent developments in the field of wireless security and investigate several user authentication protocols in wireless networks. A detailed explanation of security frameworks and security requirements for authentication will be given. We design several user authentication protocols in wireless networks, including two kinds of password-based user authentication protocols, a biometrics-based user authentication protocol, and a self-certificate-based user authentication protocol. For password-based user authentication, we propose two password-based user authentication protocols, namely protocol-I and protocol-II. The protocol-I is a password-based user authentication protocol using LU decomposition, which authenticates remote users and allows legitimate users to access network services over an open communication network. This protocol possesses many merits, including freely changeable passwords, mutual authentication, user anonymity, and session key agreement. The protocol-II is a password-based user authentication protocol for WSNs, which allows legitimate users to query sensor data at any of the sensor node in an ad hoc manner and imposes very little computational overhead. For biometrics-based user authentication, we propose a biometrics-based remote user authentication protocol using smart cards. The protocol fully preserves the privacy of the biometric data of each user while allowing the server to verify the correctness of the users' biometric characteristics without knowing the exact values. In addition, the proposed protocol is later extended to a multi-party biometrics-based remote user authentication protocol by incorporating a secret sharing component. This extended protocol is essentially a (t, n)-threshold multi-party authentication protocol. Any group of t or more users can together reconstruct the authentication key with their own biometric data, passwords, and smart cards but no group of less than t users can. For self-certificate-based user authentication, we propose a self-certificate-based user authentication protocol for WSNs, which can deal with authenticated queries involving multiple sensor nodes, achieve mutual authentication and key agreement between users and sensor nodes, and provide a key distribution center (KDC) to revoke compromised key pairs. In this protocol, a user can send data requests to the sensor nodes within his communication range and receives valid responses if the requests are legitimate. On average, there are n sensors in the communication range of the user. The proposed protocol still works well even if the adversary captures t nodes out of n nodes in the WSNs. Moreover, security of these proposed protocols is modelled and analyzed with Petri nets. Our analysis shows that the protocols can defend notorious attacks.