REST API Auth Question

Just wanted to get some opinions and we’re about to implement a REST
based API. We want to implement a basic API similar to Highrise or
the new API released by Wasabi.

Is there a benefit to using a long random API key over say just the
username/password a given user would already have? Also are there any
other auth systems you guys would recommend that might be better or
more efficient?

We’re using the restful_authentication plugin. Thanks for any tips.