I'd like to encrypt my files with a reasonably long passphrase, so that my data is safe from brute force attacks even if my computer is stolen. I don't mind entering that long password once on boot/login, but I'd rather not have to enter a long passphrase when I make administrative changes. Is there a way to use two different passwords, a long one for Filevault and login and a shorter one for administration? Alternatively, can I simply disable password prompts for administrative changes? I can give myself password-less superuser privileges on the command-line using the sudoers file. Is there a comparable setting for GUI-driven privilege requests? Thanks in advance.