Over the last few years, many researchers have paid a lot of attention to the user authentication problem. However, to date, there has been relatively little research suited for wireless sensor networks. Recently, Wong et al. proposed a dynamic user authentication scheme for WSNs that allows legitimate users to query sensor data at every sensor node of the network. We show that Wong et al.'s scheme is vulnerable to the replay and forgery attacks and propose a lightweight dynamic user authentication scheme for WSNs. The proposed scheme not only retains all the advantages in Wong et al.'s scheme but also enhances its security by withstanding the security weaknesses and allows legitimate users to change their passwords freely. In comparison with the previous scheme, our proposed scheme possesses many advantages, including resistance of the replay and forgery attacks, reduction of user's password leakage risk, capability of changeable password, and better efficiency.