The development of mobile applications is unbalanced with the level of its security which is vulnerable to hacker attacks. Some important things that need to be considered in the security of mobile applications are login and database system. A login system that used the database as user authentication and passwords are very vulnerable to be hacking. In securing data, various ways had been developed including cryptography. Cryptographic algorithms used in securing passwords usually used MD5 encryption. However, MD5 as a broader encryption technique is very risky. Therefore, the level of login system security in an android application is needed to embed the Advanced Encryption Standard (AES) algorithm in its process. The AES algorithm was applied using variations of 3 keys 128-bit, 192-bit, and 256-bit. Security level testing was also conducted by using 40 SQL Injection samples which the system logins without security obtained 27.5% that be able to enter the system compared to the result of login systems that use AES algorithm 128-bit, 192-bit or 256-bit was obtained 100% that cannot enter into the system. The estimation of the average encryption process of AES 128, 192 and 256 bits are 5.8 seconds, 7.74 seconds, and 9.46 seconds.