Question $2.(20$ points$)$ Suppose your employer asks you to add a private$-$salt capability to a legacy system that does not currently support private salt. The legacy system does

$1$

not limit the number of allowed failed login attempts $($i$.$e$.,$ no user gets locked out because of having entered the wrong password too many times$),$ and you need to maintain this $$no lockout$$ property when adding the private salt capability. You are asked to avoid modifying the internals of the legacy system, by writing a front$-$end to it$,$ for both the login and the password selection and modification. Of the following possible choices for the contents of a user entry in the password file, some are more compatible than others with the task you were assigned. Identify the choices that are more compatible with your assignment, and explain in detail why.

Choice $1$: username, salt, h$($ password, private$\_$salt, salt $)$

Choice $2$: username, salt, h$($ password, salt, private$\_$salt $)$

Choice $3$: username, salt, h$($ salt, password, private$\_$salt $)$

Choice $4$: username, salt, h$($ salt, private$\_$salt, password $)$

Choice $5$: username, salt, h$($ private$\_$salt, password, salt $)$

Choice $6$: username, salt, h$($ private$\_$salt, salt, password $)$