Lately, remote user authentication schemes using smart cards have been researched to provide user privacy. Previously provided schemes based on smart cards were only concerned about providing mutual authentication with key exchange, but the schemes preserving user anonymity have been recently demanded because the user privacy is an important issue in many e-commerce applications. In 2007, Hu et al. pointed out that Chien and Chen's scheme fails to protect the user anonymity and proposed a scheme preserving user anonymity. In 2008, Bindu et ah also pointed out Chien and Chen's scheme fails to protect the user anonymity and suggested a scheme preserving user anonymity. Unfortunately, neither scheme guarantee user anonymity against an insider adversary who is a legal user. In this paper, we first point out that both Hu et al. 's scheme and Bindu et al. 's scheme are still vulnerable to the insider attack. copy; 2008 IEEE.