![security by obscurity](https://www.dreamhost.com/blog/wp-content/uploads/2018/06/DreamHost-Security-Through-Obscurity-image6-600x465.jpg)
But if you have a plant next to the door, and you keep the key under that plant, well…you’ve now made it easy to get the key, which is a different kind of stupid.
![security by obscurity](https://i.ytimg.com/vi/bPjcHA2_oNc/maxresdefault.jpg)
So a good lock, with the key secure in your pocket, is not Security by Obscurity. The door and key example can get a bit confusing when you poorly secure your actual key.

Don’t let people who don’t grasp the underlying concepts term-shame you. As long as you have a good key, it’s ok for people to know the mechanism. Security by Obscurity is where you keep the mechanism secret, not the key. But most people don’t know what it actually is. Having a known defense but a hidden key is a well-established part of good security, and it has been for millennia.

Obscurity doesn’t apply if people know the mechanism you’re using and they simply have a resource problem. Sure, they can check under every rock in Central Park and eventually find the package, but you’ll be done with the mission by then. In short, you just made it harder for the enemy to successfully attack you by giving them a resource problem.

It’s fine that people know you changed your SSH port. But now they have to scan all the ports and find the new one. Sure, that’s not too difficult, but how many people are actually going to do that? Not many, because it’s costly in terms of time and effort. I did an experiment one weekend and got ~10,000 probes on port 22 and 4 on some random high port.
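
One way to repeat the port 22 versus high-port measurement on your own host, as an added example that is not the author's code: it counts new inbound TCP connection attempts per destination port from netfilter `LOG` lines. The log lines are constructed, the addresses come from documentation ranges, and port 40022 is a hypothetical relocated SSH port.

```python
import re
from collections import Counter, defaultdict

FIELD = re.compile(r"\b([A-Z]+)=(\S*)")  # KEY=value pairs in a netfilter LOG line


def parse_probe(line):
    """Return (source_ip, dest_port) for a new inbound TCP connection attempt, else None."""
    fields = dict(FIELD.findall(line))
    flags = set(line.split())
    # A probe is a bare SYN; SYN+ACK and established traffic are not counted.
    if fields.get("PROTO") != "TCP" or "SYN" not in flags or "ACK" in flags:
        return None
    try:
        return fields["SRC"], int(fields["DPT"])
    except (KeyError, ValueError):
        return None  # truncated or malformed line


def probes_by_port(log_text, watched_ports):
    """Map each watched port to (connection attempts, distinct source addresses)."""
    attempts, sources = Counter(), defaultdict(set)
    for line in log_text.splitlines():
        probe = parse_probe(line)
        if probe and probe[1] in watched_ports:
            attempts[probe[1]] += 1
            sources[probe[1]].add(probe[0])
    return {port: (attempts[port], len(sources[port])) for port in watched_ports}


def _sample(src, proto, dpt, flags):
    # Constructed log line; addresses come from the documentation ranges.
    return (f"Jun  2 03:14:07 host kernel: IN=eth0 OUT= SRC={src} DST=198.51.100.10 "
            f"LEN=60 TTL=52 PROTO={proto} SPT=51234 DPT={dpt} WINDOW=29200 {flags} URGP=0")


# Constructed sample, not real traffic. 40022 is a hypothetical relocated SSH port.
SAMPLE_LOG = "\n".join([
    _sample("203.0.113.5", "TCP", 22, "SYN"),
    _sample("203.0.113.5", "TCP", 22, "SYN"),
    _sample("203.0.113.77", "TCP", 22, "SYN"),
    _sample("192.0.2.14", "TCP", 22, "SYN"),
    _sample("192.0.2.14", "TCP", 22, "SYN"),
    _sample("192.0.2.200", "TCP", 40022, "SYN"),
    _sample("203.0.113.5", "TCP", 22, "ACK PSH"),  # established session, ignored
    _sample("203.0.113.9", "UDP", 22, ""),         # not TCP, ignored
    _sample("203.0.113.9", "TCP", "", "SYN"),      # truncated port field, ignored
])

if __name__ == "__main__":
    for port, (count, srcs) in probes_by_port(SAMPLE_LOG, (22, 40022)).items():
        print(f"port {port}: {count} attempts from {srcs} sources")
```

Counting distinct sources alongside raw attempts separates one noisy scanner from broad background scanning, which is the difference the experiment above is measuring.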