Communicating smart entities in the Internet of Things (IoT) environment using cloud technology makes human daily life more convenient and brings benefits in various fields. After the occurrence of the novel coronavirus, the demand for remotely managed systems will significantly raise up to mitigate the harmful consequences of social distancing and to increase the systems' efficiency as well. In such systems, sharing relevant information among honest entities over public connection brings numerous security risks. In this context, in 2020, Wazid et al. proposed a new lightweight authentication mechanism for cloudbased IoT environment called LAM-CIoT. Their mechanism uses multi-factor authentication and provides real-time data access from the deployed IoT-sensors. Wazid et al. argued that the mechanism they proposed is stable, efficient and scalable. However, we find out that Wazid et al.'s mechanism shows weaknesses and is incomplete. In this paper, we briefly introduce Wazid et al.'s mechanism and expound that their mechanism is still unstable and not suitable to be applied in practice.