In this paper, we propose a mutual authentication scheme using nonce variable instead of Mac address and accompanying with token updates to improve the functionality. Lee et al. (2005a) and Shi et al. (2006) proposed the site authentication schemes by using the generating random numbers. The site authentication can identify a personal computer using LAN card's Mac address, but the Mac address is easily detected through Address Resolution Protocol in the Open Systems Interconnection model. Therefore, we propose an improved securer and efficient noncebased authentication scheme providing mutual authentication to resist the replay attack, man-inthe-middle attack and Mac address attack.