In 1998, Tseng and Jan proposed a lightweight interactive user identification protocol based on ID-based cryptography. Recently, Hwang et al. modified their protocol to reduce the responding and waiting time for wireless network applications. In this letter, we show that their scheme is vulnerable to impersonation attacks.