Once after the wireless sensor network technology was proposed, it quickly gained wide attention from the academic and industrial areas, and played a major role in the defense military, environmental monitoring, smart home, health care, and other fields. User authentication is becoming an essential mechanism for real-time access in wireless sensor networks. Based on the enhanced adversary model, a kind of insider attack is pointed out, of which it has been neglected for a long time. Then, two foremost authentication protocols are cryptanalyzed for wireless sensor networks environment. Two more things are point out as well. (1) Mir et al.'s protocol cannot resist against insider attack and smart card loss attack, and it also cannot provide forward secrecy; (2) Fang et al.'s protocol cannot achieve the claimed goal of forward secrecy and is vulnerable to insider attack and smart card loss attack. It is suggested that a reasonable solution according to the specific mistakes in their protocol and seven solutions in the existing literatures are summarized for dealing with insider attack. Furthermore, the deficiencies of existing methods are pointed out and a reasonable solution is given to resist insider attack.