SQL injection attacks on the web databases are mainly due to the application development process where the coding process is vulnerable as it was not secured. This however can be prevented by various methods. One of the techniques is to limit the access of database to authorized users only. Database contents are encrypted so as to allow a secure way of efficient query processing directly on the encrypted database. SQL attacks can be prevented through highly secure authentication schemes in the login phase itself. In this paper, we have presented one such technique. Our scheme proposes that access be provided to verified users only. That is, at the time of creation of the user account, a user key is generated for every user where the user name and password at the time of login is encrypted by Blowfish encryption and RSA technique at different levels of the total encryption process. The access is provided by the server after confirming the user’s authenticity. On server side the encrypted data will be decrypted using the user key. The decrypted data will be checked and if the user is genuine, further access will be granted to the database. The RSA encryption will work as a protective cover for the SQL query generated by the user at the client’s end.