The telecare medicine information system enables or supports health-care delivery services. A secure authentication scheme will thus be needed to safeguard data integrity, confidentiality, and availability. In this paper, we propose a generic construction of smart-card-based password authentication protocol and prove its security. The proposed framework is superior to previous schemes in three following aspects : (1) our scheme is a true two-factor authentication scheme. (2) our scheme can yield a forward secure two-factor authentication scheme with user anonymity when appropriately instantiated. (3) our scheme utilizes each user's unique identity to accomplish the user authentication and does not need to store or verify others's certificates. And yet, our scheme is still reasonably efficient and can yield such a concrete scheme that is even more efficient than previous schemes. Therefore the end result is more practical for the telecare medicine system.