In this paper, we analyze and point out several weaknesses in the dynamic ID-based remote user authentication schemes using smart card for multi-server environments, and present the countermeasures to enhance the security of the schemes. Taking Li et al.'s scheme for instance, we demonstrate that their scheme does not provide forward secrecy and key privacy for the session keys, and cannot resist offline password guessing attack. Furthermore, the reasons of these security weaknesses are analyzed through extending the attacks to its predecessors. Finally, the improved ideas of local verification and authenticated Diffie-Hellman key agreement are presented to overcome the weaknesses mentioned above.