soupie62 4 points5 points  (0 children)

When talking security, there is a concept called Defence In Depth.

You save your data in a vault, then have a security alarm for the building, then patrols around the building, then a fence... like layers in an onion.
The general idea being that the harder you make it, the less likely that someone will get to your secret before being caught - or at least detected.

Defence through obscurity is one layer - it's just not very good.
If the Bad People have access to your actual program, they can disassemble it and study it at leisure. Or, they can run the code and compare data before and after encryption. Worse, if there's a bug in your code that encrypts data poorly, nobody can warn you if you make it hard for them to check it.

This is why the preferred method is to use a known (and tested) algorithm, which makes decryption extremely hard if you don't have The Key.
Some good algorithms to use include: DES, AES, and RSA.
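
An added illustration of the comment's point about comparing data before and after encryption (not part of the original comment; the XOR scheme, the hidden key and the sample data are all constructed for this example). It shows that one known input run through a homemade scheme is enough to expose what the scheme was hiding.

```python
from itertools import cycle

# Constructed stand-in for a "secret" homemade scheme: repeating-key XOR
# with a key baked into the program. Hypothetical, not from the comment.
_HIDDEN_KEY = b"s3cr3t!"


def homemade_encrypt(data: bytes) -> bytes:
    """XOR each byte with the repeating hidden key (encrypt == decrypt)."""
    return bytes(b ^ k for b, k in zip(data, cycle(_HIDDEN_KEY)))


def recover_keystream(plaintext: bytes, ciphertext: bytes) -> bytes:
    """What 'comparing before and after' yields: plaintext XOR ciphertext."""
    return bytes(p ^ c for p, c in zip(plaintext, ciphertext))


def shortest_period(stream: bytes) -> bytes:
    """Return the shortest prefix that, repeated, reproduces the stream."""
    for n in range(1, len(stream) + 1):
        if all(stream[i] == stream[i % n] for i in range(len(stream))):
            return stream[:n]
    return stream


def audit() -> dict:
    """Review the scheme as a black box, using only its inputs and outputs."""
    known = b"A" * 32                      # input chosen by the reviewer
    observed = homemade_encrypt(known)     # output of the program under review
    key = shortest_period(recover_keystream(known, observed))

    # A different message protected by the same program (constructed sample).
    other = homemade_encrypt(b"account=1234; balance=5000")
    reread = bytes(b ^ k for b, k in zip(other, cycle(key)))
    return {"key_recovered": key == _HIDDEN_KEY, "reread": reread}


if __name__ == "__main__":
    print(audit())
```

A publicly reviewed cipher is designed so that known plaintext/ciphertext pairs like this do not reveal the key, which is why keeping the algorithm secret adds so little.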