Forward security and resistance to denial-of-service (DOS) attack are two critical properties for low-cost Radio Frequency Identification (RFID) systems because low-cost tags are prone to be compromised once they are captured and wireless communications are relatively easier to be manipulated. In 2011, Duc et al. proposed two RFID authentication protocols called O-FRAP + and O-RAP + to enhance the forward security and resistance to DOS attacks. Unfortunately, we find that even if only a single tag is compromised in the O-FRAP + and the O-RAP + , then all the other tags would be vulnerable to DOS attacks. In this paper, we report the weaknesses, analyze the design flaws and propose a new scheme to improve the security. Security analysis and performance evaluation show that the proposed scheme out-performs its counterparts.