In 1995, Wu proposed an efficient smart card-oriented remote login authentication scheme. The scheme allows a user to freely choose his password, and no verification tables are required. Hwang recently showed the insecurity in Wu's scheme; however, he did not propose his improvement. In this article, authors show a different approach to break the scheme, and propose their improvement. The modified scheme can withstand all possible attacks.