The invention discloses a password-based three-party key exchange method, which comprises the following steps that: S verifies VAS sent by A and the VAS sent by B, and if h(g<ax>, A, B, S) is equal to the second half part of DpwA(VAS) and h(g<by>, A, B, S) is equal to the second half part of DpwB(VBS), g<x> and g<y> in the h(g<ax>, A, B, S) and the h(g<by>, A, B, S) adopt the first half parts of the DpwA(VAS) and the DpwB(VBS) respectively, and the VSA is sent to A and the VSB is sent to B; and A and B verify the VSA sent by S, and if Dg<ax>(VSA) contains g<x> and Dg<by>(VSB) contains g<y>, A and B perform calculation respectively to establish a mutually unified session key g<xy>. The key exchange method not only can effectively resist various attacks and provide perfect forward security, but also achieves improvements on both the exchange turn number and the communication time.