I'm working on a research study that queries a series of participants' FitBit data after they authorize us via the OAuth2.0 auth cycle.  I have the refresh cycle handled, but I wanted to ask if, in the case that a subject changes his or her password, would this affect the OAuth cycle in any way. Or is the user's password and our authorization to access his/her FitBit completely separate? What we don't want to have happen is to attain authorization from a participant and then later on lose that authorization due to a password change. I'd just like to cover my bases :] 

Thanks!

Alex