In 2011, Kumar et al. proposed an efficient password authentication scheme using smart cards to overcome the security flaws in Liao et al. scheme. However, in this paper, we point out that Kumar et al.'s scheme actually has various defects been overlooked, such as no provision of forward secrecy, poor repairability and practicality. More recently, Ramasamy and Muniyandi presented an efficient two-factor scheme based on RSA and this scheme is claimed to have a number of merits over existing schemes. Notwithstanding their ambitions, Ramasamy-Muniyandi's scheme is vulnerable to user impersonation attack, and it actually is equivalent to a verifier-table-based scheme, which discourages any use of the scheme for practical applications.