Sometimes, an API Key can be compromised. This can happen by many different reasons - forgetting the key at a git repo or something else. If you think, your API Key is compromised, you can revoke that key.
At your User Profile, find your key at list and press Actions button, choose Withdraw action and confirm action.
Revoke API Key Interface
What is possible via API Key
Using the key you will get access to the same powers as the user, but you don't have to use username and password to login.