A password change won’t boot another device out of an active session if they are viewing a camera (or basically doing anything else static), but as soon as they actively do anything, like enter a camera or exit one, they will be re-authorized, and drop out to the logon screen. Then they are out forever.
If they aren’t already running an authorized session when the password change occurs, then they won’t even be able to get in, not even with an auto-logon (because it would have the wrong password).
So a password change should be effective. At least it was on my iOS device. My password change on another iOS device didn’t even update the keychain. Apparently you can only do that from a new login. I’d refrain from updating the keychain until you get the phone back, although they should still need another code, fingerprint, or face to get into that.
BTW, if this is an iOS device, then you have other options with the “Find My iPhone” app, like erasing the device, or sending out a “lost, call me” notice. You can also see where the phone is currently located if it is powered on and in range of a cell tower or WiFi it recognizes.