Example in real world for cyber world.
There are 2 salient points in cryptography:
- Algorithm (or how it works) is publicly known, source codes are even published (mechanism of the combination lock is known)
- Key is secret, this is the only way to access the cipher text (the combination code you have chosen to unlock)
Therefore, never invent your own crypto algorithm no matter how much obfuscation you have made in the codes. It is just security through obscurity.
Of course, even a recognized (or certified) crypto will be subject to attack (online or offline) due to technology advancement over time. Essentially, counter-measures are to increase the time attacker needs to get thru: regular password change, complex password, 2FA, adding salt and pepper in the stored hash etc.