Lastly, your mother's tactic is called "security by obscurity" and it's more effective than a lot of people would think.
On an individual level, yes.
In the world of computer science, where companies like to say, "our products are protected by proprietary security, the details of which are secret," this doesn't hold true.
Unlike your mother's bed-stand, crackers can get hold of "secure" software, and, in their own time, work on cracking that "bespoke" security. They can find the mathematical weaknesses, the flawed implementations, the loopholes, the timing attacks, the rainbow attacks, and all the other vulnerabilities, all without having to hide in your mother's bedroom the whole time. Once they break the security in that product (and if it's a worthwhile target, they will), nobody other than the crackers will ever know. The vendors will keep on touting how clever and secure it is, claiming it is because of that "security by obscurity", little aware that this is its very weakness.
Security, and especially cryptography, is hard. As the author of this article discovered, "roll-your-own" security will almost certainly have flaws you didn't even consider. The advantage of open peer-reviewed security, such as the standards that HTTPS operates over, is that when flaws are found, they are made public, and fixed. If you're relying on those technologies, you'll know if they have been found wanting, and be able to take appropriate measures, rather than being in the dark whilst hackers steal all your business secrets.
For those interested in the subject of security, I can't recommend Bruce Schneier's blog highly enough. He has been over this same ground, in various guises, many times.