Password-based authentication scheme with smart card is an important part of security for accessing remote servers. In 2011, Awasthi et al. proposed an improved timestamp-based remote user authentication scheme to eliminate the attacks in Shen et al.'s. However, we find that their scheme is vulnerable to the privileged insider, the lost smart card, the password guessing, the replay, the modification, and the denial of service attacks. We propose a timestamp-based remote user authentication scheme using elliptic curve cryptography to fix such problems. Our scheme is based on elliptic curve discrete logarithm problem (ECDLP) and provides lost smart card attack resistance. The user can choose and change his or her password freely and the server need not maintain a password verifier table in its database in our scheme. Furthermore, our scheme is proved to be more secure than Awasthi et al.'s. And it is more efficient than the previous timestamp-based authentication schemes.