I personally agree, but there are some interesting counter-examples. For example, if someone discloses the credentials to an account but says nobody is authorized to use those credentials, I think it violates the CFAA to use those credentials. Even more-so if they only tell you their username, but the password can be inferred without direct disclosure (e.g., if the username is "thepasswordishunter2").
CFAA covers unauthorized access to computer systems - the only case I know of where CFAA was used to prosecute something akin to a DMCA 1201 claim was Sony suing Geohot for putting a tweezer to the RAM on his PS3. It's a novel legal strategy (in case you don't think DMCA 1201 is broad enough), but it was never entirely litigated in court as Geohot settled the case. I still don't think it would have passed muster in court, as it was akin to arguing that someone had violated the CFAA by hacking into their own computer that they forgot the password to. (Either that, or Geohot was poking at PSN and Sony knew this - I never followed that particular case thoroughly)
It's been a while since I've read about it, and I'm not a lawyer, but my recollection is that geohot said he deliberately kept his PS3 offline once it was compromised, and Sony's counterargument was (in effect, via some truly mind-bending equivocation) that geohot compromised the PS3 (the abstract computer for which authorization presumably proceeds from Sony) as opposed to his PS3 (the specific computer for which authorization presumably proceeds from geohot). Since the PS3 interacts with PSN, geohot had thereby gained unauthorized access to a computer used in interstate and foreign commerce.
It's one of those arguments for which I have a hard time deciding whether it's fiendishly clever, gratuitously obfuscated, or jaw-droppingly stupid.
