[anchpop]

This is true if changing the password s you to re-enter the password on every device (even those that were logged in at the time)

[shkkmo]

Changing a password should always invalidate all existing sessions. If you aren't doing that, then you are doing it wrong.

Edit: Or at least invalidate all sessions initiated using the old password if you have that tracked.

[will4274]

> Changing a password should always invalidate all existing sessions

Doesn't with Google. They display a prompt and let you select which sessions to expire.