You can usefully distinguish between the name/location/identity of the resource and credentials/password used to access it. "Security through obscurity" is a specific criticism that usually means that the system doesn't adhere to Kerckhoffs's principle.
