User data security is a very important aspect in web-based information systems. This research aims to implement the AES and Bcrypt algorithms to protect user data stored in the MySQL database on the Jahitku website, a startup that has only been built in a relatively short time and does not yet have an adequate security system. The method used follows the flow of software development, starting with a literature study, analyzing system requirements, and designing system architecture. The data used for evaluation is qualitative data in the form of user data generated from 30 dummy data. In this implementation, AES 256 CBC and Bcrypt algorithms are applied to encrypt and hash user data. The evaluation results show that AES can perform encryption with an average time of 0.378 ms and decryption of 0.260 ms, and has a good level of randomness compared to other symmetric algorithms such as DES and Blowfish, with an Avalanche Effect of 50.27%. Meanwhile, Bcrypt requires an average hashing time of 369.045 ms and verify time of 145.569 ms. Although Bcrypt's Avalanche Effect only reaches 36.65%, Bcrypt can still produce unique hashes for the same input and shows good resistance to Brute Force Attacks compared to other hashing algorithms such as MD5, SHA1, and SHA256. This implementation succeeded in increasing the security of user data on the Jahitku website, making a positive contribution to startup development, and increasing user confidence in the services provided.