Cryptography can teach us a very important lesson about software, and this is especially true of Kerckhoffs's principle. The principle states:
"A cryptosystem should be secure even if everything about the system, except the key, is public knowledge."
This was reformulated by Claude Shannon in a form known as Shannon's Maxim:
"One ought to design systems under the assumption that the enemy will immediately gain full familiarity with them."
In layman's terms, a system shouldn't be secure just because no one knows how it's been implemented ("security through obscurity"). If you were to secure your money through obscurity, you'd bury it under a tree and hope no one would find it. By contrast, when you use a real security mechanism, such as putting your money in a safe in a bank, every detail about the security system can be public information; provided the security system is truly secure, you would really only have to keep...
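The same contrast in software, as an added Python example that is not part of the original article: `obscure_tag` is a made-up scheme protected only by nobody having read it, while `keyed_tag` uses the public HMAC-SHA256 construction with a secret key. All function names and the sample message are illustrative assumptions; the key-rotation check goes one step beyond the text above.

```python
import hashlib
import hmac
import secrets

# Design A (obscurity): the "secret" is the procedure itself; there is no key.
def obscure_tag(message: bytes) -> str:
    # Reverse the message, then hash it. Safe only while nobody reads this function.
    return hashlib.sha256(message[::-1]).hexdigest()

def obscure_verify(message: bytes, tag: str) -> bool:
    return hmac.compare_digest(obscure_tag(message), tag)

# Design B (Kerckhoffs): the algorithm is public, the key is the only secret.
def keyed_tag(key: bytes, message: bytes) -> str:
    return hmac.new(key, message, hashlib.sha256).hexdigest()

def keyed_verify(key: bytes, message: bytes, tag: str) -> bool:
    return hmac.compare_digest(keyed_tag(key, message), tag)

def design_is_public(message: bytes) -> dict:
    """Model Shannon's assumption: the other party knows everything except the key."""
    server_key = secrets.token_bytes(32)  # known only to the verifier
    # A: knowing the design is enough to produce a tag the verifier accepts.
    forged_a = obscure_tag(message)
    # B: knowing the design still leaves the key unknown, so a guessed key fails.
    guessed_key = secrets.token_bytes(32)
    forged_b = keyed_tag(guessed_key, message)
    genuine_b = keyed_tag(server_key, message)
    return {
        "obscure_accepts_forgery": obscure_verify(message, forged_a),
        "keyed_accepts_forgery": keyed_verify(server_key, message, forged_b),
        "keyed_accepts_genuine": keyed_verify(server_key, message, genuine_b),
    }

def rotate_after_leak(old_key: bytes, message: bytes) -> bool:
    """If a key leaks, replace the key; the design stays. Old tags stop verifying."""
    old_tag = keyed_tag(old_key, message)
    new_key = secrets.token_bytes(32)
    return keyed_verify(new_key, message, old_tag)

if __name__ == "__main__":
    print(design_is_public(b"transfer 100 to alice"))  # constructed sample message
```

Design A cannot recover from disclosure without being redesigned, whereas Design B only needs a fresh key.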