No it shouldn't. People need to understand that an OAuth token is like a separate password, specific to a site, that you've handed to them. Revoking them everytime a password changes means the user now has to go back and re-authorize every single site they had previously authorized.