Bluetooth, a short-range wireless communication standard, has freed a number of digital devices from wires and cables. Its use, once limited mostly to cell phones and headsets, has extended widely to PCs and PDAs. As the data transferred has become more sensitive, the security of Bluetooth transmission has raised many concerns. During the authentication and key exchange process of Bluetooth communication, a lot of information is transferred in plaintext, which allows a malicious third party to spoof a legitimate Bluetooth device and pass authentication, or to deduce the encryption key and eavesdrop on the data being transferred. This paper first introduces and analyzes the security mechanism of Bluetooth, then discusses the security drawbacks of this mechanism, and finally proposes an improved scheme that could be applied in applications with high security demands.