Aaron's Law Act of 2013 - Amends provisions of the Computer Fraud and Abuse Act (CFAA) prohibiting computer fraud to replace the phrase "exceeds authorized access" with "access without authorization," which is defined as obtaining information on a protected computer that the accesser lacks authorization to obtain by knowingly circumventing one or more technological or physical measures that are designed to exclude or prevent unauthorized individuals from obtaining that information.

Modifies CFAA penalty provisions to: (1) limit the imposition of enhanced penalties to subsequent offenses under such Act (currently, additional penalties are allowed if there is a conviction for another offense) and to criminal acts punishable under federal or state law by a term of imprisonment for more than one year; and (2) require the determination of the value of information for enhanced penalty purposes to be made by reference to fair market value.