I personally agree, but there are some interesting counter-examples. For example, if someone discloses the credentials to an account but says nobody is authorized to use those credentials, I think it violates the CFAA to use those credentials. Even more-so if they only tell you their username, but the password can be inferred without direct disclosure (e.g., if the username is "thepasswordishunter2").
CFAA covers unauthorized access to computer systems - the only case I know of where CFAA was used to prosecute something akin to a DMCA 1201 claim was Sony suing Geohot for putting a tweezer to the RAM on his PS3. It's a novel legal strategy (in case you don't think DMCA 1201 is broad enough), but it was never entirely litigated in court as Geohot settled the case. I still don't think it would have passed muster in court, as it was akin to arguing that someone had violated the CFAA by hacking into their own computer that they forgot the password to. (Either that, or Geohot was poking at PSN and Sony knew this - I never followed that particular case thoroughly)
