REST API Auth Question

Just wanted to get some opinions and we're about to implement a REST based API. We want to implement a basic API similar to Highrise or the new API released by Wasabi.

Is there a benefit to using a long random API key over say just the username/password a given user would already have? Also are there any other auth systems you guys would recommend that might be better or more efficient?

We're using the restful_authentication plugin. Thanks for any tips.