The　security　of　the　quantum　secure　direct　communication　protocol　with　authentication　expansion　using　single　photons　is　analyzed.　It　is　shown　that　an　eavesdropper　can　obtain　or　even　modify　the　transmitted　secret　without　introducing　any　error　by　implementing　a　simple　man-in-the-middle　attack　after　the　authentication　is　successfully　carried　out.　Furthermore,　a　denial-of-service　attack　is　also　discussed.　The　particular　attack　strategy　is　demonstrated　and　an　improved　protocol　is　presented.