Netflix uses a version of Open autentication to allow a device to access an account. Once the device has been authorized it will then have access to that account until its has been deautorized.
Chaning password doesnt matter becouse the device has autorization already probably in the form of a refresh token stored someplace. So its not storing a password its storing an autorization token of some kind.
Lets use facebook as an example: (response to comment below)
https://www.facebook.com/settings?tab=applications
This shows a list of all the crap I have loged in to using my facebook account. Now I have probably changed my facebook password sevral times it wont matter I will still have access. Some of these are mobil apps i have installed on my cellphone at one time or another. Even if i dont use them they still have access.