To address the security concerns of Industry 4.0, recently, Garg <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">et al.</i> proposed a lightweight authentication protocol, and Akram <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">et al.</i> showed some of its security drawbacks. We continue this line by exposing how Garg <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">et al.</i> ’s protocol suffers from noninvasive and invasive attacks. First, we explain that a passive attacker can trace any two communicating nodes to compromise their location privacy. Next, we show that an active though noninvasive adversary can compromise the integrity of the exchanged messages without being detected and run a de-synchronization attack. Besides, the adversary can extract any shared session key from any pair of nodes in the protocol. We named this attack a pandemic session key disclosure attack, and its consequences are more harmful than the impersonation of a compromised node. Finally, we disclose how the proposed scheme does not guarantee the privacy protection for the keys when we assume an honest but curious server. To overcome those existing security flaws, we finally propose a revised protocol called <monospace xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">TARDIGRADE</monospace> . First, our informal analysis, and then, our formal security analysis using the real-or-random model shows that <monospace xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">TARDIGRADE</monospace> provides the desired security, and likewise, our performance analysis confirms a reasonable cost compared with Garg <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">et al.</i> ’s protocol.