User Authentication in computer systems is an important cornerstone in today�s computer era. The concept of a user id and password is one of the easiest ways for authentication. It is not only the easiest way, but also cost effective and highly efficient. Today, we can see the password cracking and hacking in everywhere. At present we are using the single server system for this sort of password based authentication. Traditional protocols for password-based authentication assume a single server which stores all the information (e.g., the password) necessary to authenticate a user. When an attacker obtains the information stored on the server, he can obtain all the passwords which were stored in the server via launching an off-line dictionary attack. To address this issue, a number of schemes have been proposed in which a user�s password information is shared among multiple servers, and these servers cooperate in a threshold manner the user wants to authenticate. In this paper, a new efficient two-server password-only based authentication is proposed. In addition, the system is secure against offline dictionary attacks mounted by either of the two servers.