SUMMARY
Security of a website is a very important aspect. Because unsafe websites will easily be damaged the integrity of the data and information through various attack. SQL Injection is one type of attack that often occurs on websites. SQL Injection is a method for entering SQL commands as an input through a web to get database access. Insecure URLs and Login forms are often targeted by SQL Injection attacks to exploit web databases. There are many ways to prevent SQL Injection attacks and one of them uses cryptographic techniques to encrypt URLs and Login Forms of websites into an incomprehensible codes or passwords. The cryptographic method used is blowfish algorithm. This research aims to tests the performance of blowfish to prevent SQL Injection attacks through the implementation of URL and Login Form encryption. Web security from SQL Injection attacks is tested before and after encryption. Attack testing is done manually and automatically. Automatic testing using SQL Map and JSQL Injection applications. The test results prove that the implementation of URL and login form encryption uses blowfish algorithm is effective to prevent SQL Injection attacks because SQL Injection attacks always fail after implementation of URL and Login Form encryption.