Abstract: This paper gives a detailed analysis on the security of an authentication scheme with intrusiontolerant feature. A state transition diagram is used to describe the security behavior of the system. The characteristics of the proposed scheme are that a user password is split to store in distributed shared servers by using Shamir′s secret sharing. Thus, valid authentication services are continuously available even though the minority of shared servers are compromised. Moreover, the original password data is not required to be constructed during authentication processes. Hence, the availability, integrity and confidentiality of authentication system will be enhanced by means of the present scheme.