Mobile cloud computing (MCC) is an increasingly popular research topic, partly due to the widespread adoption of mobile devices and cloud services among individual and organizational users. Security and privacy of data-at-rest and data-in-transit are two of several key issues that need to be addressed. Traditional authentication models employ third-party security monitoring mechanisms, which generally require complicated and resource-intensive mechanisms for ensuring security measures. These mechanisms are not adaptive for MCC deployment; thus, it requires lightweight authentication methods. This paper reviews existing port-knocking authentication methods by analyzing the mechanism and classifying the methods into a thematic taxonomy. Current port-knocking authentication methods are compared based on static or dynamic knocked sequences, which tend to solve the Network Address Translation (NAT) knock and Denial of Service (DoS) knock attacks. Finally, we discuss the issues and challenges in implementing port-knocking for MCC.